DivvyCloud

Welcome to the DivvyCloud Docs!

DivvyCloud is a Cloud Security Posture Management (CSPM) platform that provides real-time analysis and automated remediation across leading cloud and container technologies.

For questions about documentation reach out to us [email protected]

Take Me to the Docs!    Release Notes

Cloud Account Setup

Overview

The page illustrates the step-by-step process for adding cloud accounts. While this process can be used to add multiple cloud accounts, we recommend the following links for adding bulk cloud accounts:

Otherwise, after installing DivvyCloud, the next part of your setup will be to connect your cloud account(s).

🚧

Other Provider Examples

While this example uses AWS, variations of these instructions are also included in the setup and configuration instructions for GCP and Azure.

Prerequisites

Before getting started you will need the following:

  • A functioning DivvyCloud platform
  • Account credentials for the cloud accounts you want to add
    • For example, with AWS using an STS Assume Role you would need your account ID, API, secret key, role ARN, and external ID, as shown below.

Example AWS Account Credentials

Adding a Cloud Account

Whether you are connecting your first cloud account or adding a new cloud account, the process is the same. The "Clouds" screen displays for new users with no cloud accounts and can be accessed through the main navigation from "Cloud --> Clouds", where you can select the "Add Cloud" button on the landing screen or in the upper-right corner.

Adding Cloud Accounts Interface

Steps to Add a Cloud

1. Select your cloud service provider from the available options. If you don't see your provider on the initial screen, click "See More" to expand the full list.

Add a Cloud Account Main Interface

2. Fill in the details for your specific cloud account.

  • You will need your account credentials as specified in the prerequisites.
  • Note: For AWS and Azure you will need to specify your authentication type.

For this example we selected STS Assume Role. Once you have completed filling in the fields, click on the "Add Cloud" button.

Adding Account Credentials

3. For organizations with alternative Harvesting Strategies, the option to select a specific Harvesting Strategy will be available in the Account Details form.

  • For organizations without alternative strategies, the default provider strategy will be applied and no optional selection is displayed.

Selecting a Harvesting Strategy

4. For AWS and GCP you will be able to complete an optional validation step. The validation feature allows you to check permissions for your connected cloud resources.

  • Click "Validate" to complete this step or ignore and continue to adding Cloud Badges (also optional) or select "Add Another Cloud, or select "Finished, Go To Clouds" if you are done.

Validation Option

📘

AWS Permissions

To use the validation feature, you will need to have the following AWS permission enabled: iam:SimulatePrincipalPolicy

5. If you select the "Validate" button and permissions (either missing or misconfigured) prevent DivvyCloud from gaining access to a specific resource, a "View Missing Permissions" button will display.

  • Note for users adding an OCI Cloud, the validate capability is not currently (v21.1) supported.

View Missing Permissions Option

6. Clicking the "View Missing Permissions" button will launch the "Missing Permissions" window that provides details on the resources: a description of the resource and the specific permissions that are missing.

  • The "Copy To Clipboard" option will enable you to save this information to share with internal support or to reference later.

Copy To Clipboard Option

🚧

Missing Permissions - Visibility Issues

Missing permissions do not impact the addition of your cloud. Your cloud account will still be added and initiate the harvesting of resources to view and administrate in DivvyCloud.

You can review issues around resource visibility on the main Clouds page after you've connected your cloud account(s).

Verifying Missing Permissions

7. After addressing any optional validation, you can also add Badges.

  • Badges work as key:value pairs and are a useful way to organize your cloud accounts.

  • Click "Save Badges" for any badges you want to include.

8. To add an additional cloud, select "Add Another Cloud." If you have added all of your accounts, select "Finished, Go To Clouds."

Updated about a month ago


Cloud Account Setup


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.