Harvesting Strategies

InsightCloudSec provides a way to create and modify harvesting strategies by cloud, by region, and by resource. In this way, you can better match your harvesting resources with your harvesting needs. For example, you can lower the harvesting cadence in regions where you do not deploy to ensure you are still monitoring for unauthorized usage in those regions.

Previously, harvesting cadences were fairly limited because users couldn't specify resource types to harvest faster or slower than another resource type or even specify the multiplier. Configuring all resources in a single region was the only way to adjust harvesting times and only region-based services were configurable.

InsightCloudSec is putting this power capability in the hands of administrators to allow these fine-tuned configurations on harvesting strategies for each resource type, either per region or globally, for any cloud provider.

Note to Existing Customers

Existing customers who have used previous methods for overriding harvesting cadences via the Clouds page will have a blue banner at the top of their screen after logging in. This is meant to be a call to action to configure harvesting strategies quickly, as this new feature will override those configurations and have all resources in all regions harvesting at default speed.

We recommend setting up a harvesting strategy when you are connecting and configuring your cloud accounts. End users with appropriate permissions can access Harvesting Strategies from the navigation menu under Administration.

InsightCloudSec - Harvesting Strategies

Creating a Harvesting Strategy

Refer to the following steps to create a new harvesting strategy:

  1. Go to Administration > Harvesting Strategies and select New Strategy.
  2. Provide a name for your strategy, select the appropriate cloud service provider (e.g. AWS) and click Create.
  3. On the Strategy Configuration page, review and update the parameters as follows:
    • Region where a new strategy applies (from the Region drop-down box at the top right of the page).
    • Overall percentage change (faster or slower) to the default cadence (from the "Cadence" slide bar).
    • Overrides (in minutes) for specific resource types or harvesters. Default overrides (in minutes) are shown for reference.
    • Apply Normal will reapply the normal Harvest Strategy settings.
    • Apply Daily will apply an an override of 1440 minutes (24 hrs) to all of the settings.

    Override Settings

    Overrides cannot be less than 1 minute or greater than 24 hours.

    For AWS EDH-enabled resources and regions, InsightCloudSec sets a maximum harvesting frequency of four hours.

  4. Click Save & Copy to Regions to apply your strategy to other regions for easier configuration. (This applies when a region other than Global Harvest was initially selected.)

    Limiting Regions

    If you want to create a custom strategy or modify the default strategy in order to exclude a specific region or regions (e.g., working backwards by removing rather than adding regions), you can also create or copy an existing strategy and modify that strategy using the Admin option.

  5. After you have completed your changes to the entire strategy, click Save Changes.
  6. Click Harvesting Strategies to return to the main page and assign resources.
  7. Select the Assign (clipboard) icon (under the Admin options).
  8. In the Strategy Assignment window, select the cloud accounts to be harvested by this strategy. You can scope the strategy by cloud account or by badge.

    Any existing strategy previously assigned to selected accounts will be overwritten.

Modifying an Existing Strategy

Refer to the steps below to modify an existing strategy.

Permissions

Domain Admin permissions are required for the majority of these changes. Contact your administrator or reach out to us through the Customer Support Portal if you have issues or questions.

  1. Locate the strategy you want to modify from Administration > Harvesting Strategies on the Harvesting Strategy - Listing page. You can scope this list by cloud or by strategy name.
  2. From the Harvesting Strategy page under Admin, you can do the following:
    • Configure the strategy (wrench icon) - This navigates to the Strategy Configuration page
    • Assign (or reassign) - This strategy connects to a cloud account (note pad icon)
    • Make Default (check mark) - Will make the target strategy to default for the clouds selected as they are added; this option is available for each cloud type
    • Edit Strategy (pencil icon) - Allows you to modify the strategy name and exclude specific regions from harvesting. Currently, the ability to limit regions and mark resources for deletion in disabled regions is only available for AWS.
    • Delete the strategy - Allows you to delete the strategy with the appropriate permissions and confirmation.
  3. If you opt to configure an existing strategy, your options are the same as those available for creating a New Strategy.
    • Region where a new strategy applies (from the Region drop-down box at the top right of the page).
    • Overall percentage change (faster or slower) to the default cadence (from the Cadence slide bar).
    • Overrides (in minutes) for specific resource types or harvesters. Default overrides (in minutes) are shown for reference.
    • Apply Normal will reapply the normal Harvest Strategy settings.
    • Apply Daily will apply an an override of 1440 minutes (24 hrs) to all of the settings.
  4. Make any changes desired and save.

Selecting Harvesting Strategy for Newly Added Accounts

Once a strategy has been set up, an administrator can assign any cloud account to it, including new accounts as they are added. For details on adding a new cloud account, refer to details on the Cloud Account Setup page. If you don't specify a harvesting strategy when adding the cloud account, it will be assigned to the default strategy for that cloud provider.

  1. When adding a cloud account via the UI, click Show Advanced (at the bottom) and a drop-down menu will display strategies applicable to the type of cloud you are adding.
  2. Click the desired strategy and select Submit when the remainder of the Add Cloud pane is complete. The Harvesting Strategy drop-down option will only appear for organizations that have additional harvesting strategies configured; otherwise, the default is applied and no drop-down menu appears.

Harvesting Strategy Example

In the following example, harvesting times are slowed for Amazon Web Services (AWS) outside the Continental US.

  1. First, we create a new harvesting strategy named New Strategy for AWS.
  2. Second, we decrease the cadence of all harvesting in one region by the following:
    • Choosing one region outside the US (ap-northeast-1).
    • Decreasing the overall harvesting cadence; in this case, we have decreased the cadence by 1000% from default values.
    • We can also override harvesting times for specific resources by entering those numbers (minutes) into the boxes next to the specific resource.
  3. Select Apply to save the changes.
  4. Next, we apply this newly created strategy to all regions by copying that strategy to everything except regions within the Continental US (us-east-1 and 2, us-west-1 and 2).
    • We've used the copy icon, next to the Region box, to open the Region to Copy to pane and select (or deselect) the appropriate regions.
  5. Finally, we return to the Harvesting Strategy listing to assign cloud accounts to the new strategy.
    • On the first return to this listing, you will see that New Strategy is assigned to no clouds.
    • Clicking the clipboard icon opens the Assign Strategy pane, where we have added one of our AWS cloud accounts.