Government Cloud Overview & Support

Getting Started with Cloud Services Within Government-Specific Domains and InsightCloudSec

After InsightCloudSec is successfully installed, you're ready to start harvesting resources from your target cloud accounts. This documentation details configuring your Government Cloud (GovCloud) environments to "talk" with InsightCloudSec securely. Review the sections below to determine the best starting point for your environment.

What does InsightCloudSec support from GovCloud?

Review the full list of GovCloud-specific supported services on the Government Cloud Support Reference page.

How do I start seeing my GovCloud environment(s) in InsightCloudSec?

InsightCloudSec relies on a process called "harvesting" to pull data from various CSPs. Currently, InsightCloudSec offers setup instructions for a single cloud account in AWS GovCloud:

Note: Both SaaS and self-hosted customers can use the above instructions.

Can customers running InsightCloudSec in GovCloud (self-hosted) harvest commercial account data/resources?

AWS GovCloud

Yes, however, customers must use a STS assume role operation instead of a traditional assume role. API calls cannot be made between AWS partitions (commercial/GovCloud/China) until a cross-partition STS assume role operation has been performed.

Note: The AWS GovCloud Setup instructions use an STS Assume Role.

Can customers running InsightCloudSec in commercial cloud environments (SaaS and self-hosted) harvest GovCloud account data/resources?

AWS GovCloud

Yes, however, customers must use a STS assume role operation instead of a traditional assume role. API calls cannot be made between AWS partitions (commercial/GovCloud/China) until a cross-partition STS assume role operation has been performed.

Note: The AWS GovCloud Setup instructions use an STS Assume Role.