A main feature of the Clouds functionality in InsightCloudSec is the variety of reports available to help you understand your overall cloud footprint, your individual clouds, and your harvesting details.
These reports and details are accessible under "Clouds --> Summary" or by selecting an individual cloud account by its name from the Clouds landing page.
Selecting the Summary option gives you the expected summary details while selecting an individual cloud allows you to examine details specific to that account.
Before getting starting with Cloud reports you will need to have the following:
- A functioning InsightCloudSec platform
- At least one or more connected cloud accounts; if you have no cloud accounts connected, refer to our instructions on Cloud Account Setup
- The appropriate permissions to view the cloud account details
For issues or questions, you can contact us through any of the options outlined on the Getting Support page.
To access the summary reports for your overall cloud footprint, select the "Summary" tab from the main Clouds landing page.
The "Cloud Account Coverage" summary shows which of your cloud accounts are connected to InsightCloudSec. This page also includes access to the InsightCloudSec Status, Cloud, Name, Account ID and Payer Account (AWS only at this time), timestamp, and status.
The greater the percentage of cloud accounts that are connected to InsightCloudSec, the greater the visibility into your overall cloud footprint and performance.
This report summarizes the resource counts for selected clouds. This report provides an overview into your large billable resources.
Selecting any of the hyperlinked fields will take you to the applicable resource pages (e.g., instances, volumes, etc.) with additional details about those particular resources.
This view shows you the number of accounts per cloud provider.
To access summary reports for individual cloud accounts, click on the name of your cloud (in the linked blue text) from the view on the main Clouds landing page.
The Resource Breakdown for a selected cloud shows the percentage of each resource type that makes up your cloud. You can use this as a quick check to verify that the actual makeup of your cloud (e.g., predominately 'Access List Rules') is what you expect it to be.
Dynamic Pie Charts
Position your cursor over an individual pie section (or the listed items in the key at the bottom of the pie chart) to highlight and view only that resource type in the summary.
The Resource by Region report for a selected cloud shows the number of resources hosted by region for this cloud. You can use this as a quick check to verify that only authorized regions (e.g., 'in country') are being accessed.
Dynamic Bar Graphs
Positioning your cursor over any of the bars in the chart displays the region and the exact number of resources of the selected cloud account associated with that region.
The Resources Discovered/Modified timeline provides an additional quick check to verify that the number and composition of new or modified resources you expect (e.g., 'no new resources') is what you have.
Dynamic Timeline for Discovered/Modified Resources
Moving your cursor along the timeline will display specific dates and exact numbers of resources discovered or resources modified.
This timeline shows harvesting results (success, unauthorized, timeout, authentication failed, harvesting error, or provider error) over the previous 14-day period for the selected cloud account. Here, you'll want to see "Success" in your harvesting over time; you'll want to take action to remediate any errors recurring over time.
Dynamic Timeline for Harvest Results
Moving your cursor along the Harvest Results timeline displays specific dates and exact numbers of harvesting results (success, unauthorized, timeout, authentication failed, harvesting error, or provider error).
The final summary report for an individual cloud is a list of Bots that have found compliance issues.
Note: If there are no Bots that meet these criteria, this information will not display.
The list includes the Bot:
- Name - Click on the name to go to the "BotFactory" page, detailing the bot's settings, configuration, and scape, etc.
- Category - Security, Optimization, Best Practices, etc.
- State - A green circle-check says the bot is running, a yellow circle-backslash says the bot is paused.
- Severity - Low, Medium, High
To view Harvesting Information details beyond the general harvesting timeline above, select the "Harvest Info" tab from the overview page of the individual cloud you selected. This list provides details (e.g., resource type, region, etc.) from the last known harvest. This is useful in understanding when a particular resource was last harvested, or when a Bot action was last run. Review Managing Your Clouds for more information.
To view configuration settings for an individual Cloud account, select the "Settings" tab from the overview page of the individual cloud you selected. This page provides the ability to edit account information, billing bucket, or harvesting strategy; add custom properties; and remove the Cloud account from InsightCloudSec. Review Managing Your Clouds for more information.
To view the Resources page scoped to the resources harvested from only this Cloud account, click the "Resources" tab.
For GCP-based Cloud accounts, an additional tab is available that displays all the GCP APIs that InsightCloudSec uses with details on their status (enabled or disabled).
Note: You can activate API Auto-Enablement if you want InsightCloudSec to automatically enable and harvest from every API, but this requires you to manually enable the Service Usage API. In general, we do not recommended auto-enabling; InsightCloudSec recommends only enabling APIs that you use for performance, cost, and security benefits.*
Updated 2 days ago