The Filters section of DivvyCloud is where you find the exploratory tools for surfacing problems of interest among your resources. Filters specify conditions DivvyCloud searches for in identifying matching resources. Reports or actions can then be made on matched resources.
The full list of filters can be accessed via Security --> Filters from the main DivvyCloud navigation.
DivvyCloud is continually updating its filters toolset in response to cloud providers' newly released capabilities as well as customer requests.
The current list of filters can be somewhat overwhelming and we recommend
that you become familiar with them by:
- Examining the filters that are relevant to your cloud environments
- Focusing on your higher priority resources.
See the illustration "Viewing Filters by Cloud Environment and/or Resources" below.
Once you have identified filters of interest, you can learn details, such as description, supported clouds, supported resources, and configuration requirements. You can also view the underlying code to understand how a given filter works.
Once you have an understanding of what is available, you can take actions, including reporting, using filters. Actions are used with:
In both cases, you will likely combine filters and specify filter configurations to identify only the resources you want to identify.
For example, you might combine these filters:
- Resource Is Not Encrypted
- Resource Is Exposed To Public
- Resource Matches Tag Key/Value Regular Expression.
In addition to matching filters (or combinations of filters), you can also search for resources that fail to match filters. For example, you might specify that a key/value is not equal to
environment: public-facing; this would surface S3 buckets with potential unintended data exposure.
You can narrow your view of filters using the search bar, scoping filters by supporting clouds or resource type, or by looking at filters from specific versions of DivvyCloud. Custom filters are also included in the full listing and can be access by toggling the "Owner" option at the top of the page.
You can use the search bar to find a specific filter. In the example below, a search is made for all filters that contain the words "access list"; the results appear in list format in the second half of the Filters:Listing page (found under Security in the left-side navigation bar).
You can further narrow the search by using the Cloud Support and Supported Resources options:
- For the Cloud Support option, you can search for only those filters supported by selected cloud providers, e.g., Amazon Web Services, Amazon Web Services Gov Cloud, Amazon Web Services China, Google Compute Engine, Microsoft Azure, Kubernetes, and Alicloud.
- For the Supported Resource option, you can search for only those filters which are supported by the selected resource type , Instance, Volume, etc. A full list of all DivvyCloud's resource types is found here.
In the example below, Amazon Web Services provides 'Cloud Support' and Instance describes the 'Supported Resource' in a search for filters containing 'Public IP'.
Filters can also be focused using their Release Version. You can also choose which columns should appear in your results. Options here include number of insights with which this filter is associated, number of bots with which this filter is associated, date created, owner, etc.
To inspect the filters in the results, click on the filter name (in blue). You will see the SQL query associated with this filter:
Filters are also used in creating bots.
The Resource Type you select in Step 2 of bot creation will limit the Filters (Conditions) you can select in Step 3.
In the example below, a resource type of Instance is selected. The filters specifying the *Conditions for the bot are limited to only those filters associated with Instance** as a resource type.
The example below shows the same type of limits on accessible filters when the resource type Network is first selected.
Learn more about Bots.
Filters are also found on the Resources page. In the example below, filters are used to further narrow a specific resource type, Instance. The resultant display shows only the Instance resources to which the selected filters can apply.
Learn more about Resources
Updated about a month ago
Other Helpful Pages