InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Managing Your Clouds

To understand the makeup and performance of your clouds, you can visit the main Clouds page in InsightCloudSec. From the left panel navigation, the main Clouds landing page is available when you expand the Cloud menu. Details on that section of the tool are included on the main Clouds documentation page.

Selecting an individual cloud account from the Clouds landing page provides you with options to view specific details around that individual cloud account, including the settings (which we focus on here).

The content that appears on the Overview tab for an individual cloud account is covered in detail under our Cloud Reports page here.

Harvest Info

This Harvest Info section of the Clouds Account view provides a list of all resource types associated with the Cloud account and the associated harvesting status.

  • Check out Resources for more details on individual resources and resource types.
Cloud Harvest InfoCloud Harvest Info

Cloud Harvest Info

This information allows users to determine the status associated with the resource's harvesting including:

  • the last successful harvest
  • failures & context, if any
  • the next scheduled harvest

In addition this is where users can manually trigger harvesting of a job, either through "Enqueue Now" for an individual job/resource type, or via "Enqueue Selected" to trigger manual harvesting for multiple jobs under a single Cloud Account.

Harvesting Options for JobsHarvesting Options for Jobs

Harvesting Options for Jobs

Clouds Settings

On this page we will explore the capabilities around settings for your clouds accounts. The majority of these options are available when you select an individual cloud and open the settings for that particular cloud account.

Cloud SettingsCloud Settings

Cloud Settings

Options available under the Settings for an individual cloud include:

  • Updating the Account and Billing Information for individual Cloud Accounts
  • Add or Remove a Cloud Account
  • Add or Remove a Cloud Organization (Currently AWS and GCP Only)
  • View Badging Details
  • Assign Harvesting Strategy
  • Set Custom Properties
  • Configure a Billing Bucket (Currently AWS and GCP Only)

🚧

Permissions

For all of the actions outlined below, appropriate permissions are required. If you are not able to make changes, reach out to your administrator or contact us via [email protected] for assistance.

Managing Cloud Accounts

Once a cloud account is added, you can update cloud account information, configure billing buckets (for AWS accounts), and perform other cloud account management activities.

  • Click on the name of the cloud account you'd like to manage from the list of cloud accounts on the Clouds main page (under Cloud on the main navigation menu). Then select the Settings tab.

Updating Account Information

The Account Information window is used to update the name and view cloud credentials for this account. To modify information other than the cloud account name, click the lock icon.

Updating Cloud Account DetailsUpdating Cloud Account Details

Updating Cloud Account Details

Removing a Cloud Account

1. To remove a specific cloud account from the main "Clouds" landing page, select the name of the individual cloud account to open the details.

2. Click on the Settings tab for that account and locate the button that says "Remove Cloud Account".

3. Click to confirm the removal of the target account.

Removing a Cloud AccountRemoving a Cloud Account

Removing a Cloud Account

🚧

Removing Cloud Accounts

Removing a cloud account from InsightCloudSec does not remove or delete the cloud itself from the cloud service provider.

Removing a cloud account from InsightCloudSec does remove the ability to provide you with complete and accurate visibility into your cloud operations.

Harvesting Strategy

From the Settings pane, you can access the Harvesting Strategy window to configure the harvesting cadence for your clouds. When initially created/connected, your cloud accounts will be configured with the "Default Provider Strategy". This default follows our established baseline recommendations for cadences around various resources.

This is where you go to apply a customized strategy if desired.

  • Harvesting Strategies are accessible within the InsightCloudSec platform under Administration --> Harvesting Strategies.
  • Refer to our documentation on Harvesting Strategies for more information.
Accessing the Harvesting Strategy CapabilityAccessing the Harvesting Strategy Capability

Accessing the Harvesting Strategy Capability

In updating the harvesting cadence, the system administrator can choose to apply the new cadence to all clouds in that region that are of the same type as the selected cloud. An example of this would be "all AWS accounts".

Custom Properties

With appropriate permissions, you can view and add custom properties to your cloud account. These can be used as metadata or to otherwise extend the functionality of your work within InsightCloudSec.

Revising Custom PropertiesRevising Custom Properties

Revising Custom Properties

Configuring a Billing Bucket (Currently AWS and GCP Only)

The Billing Bucket Configuration pane is at the bottom of the Settings page for the individually selected Cloud.

For AWS and GCP accounts, your system administrator can configure the billing bucket for the selected cloud account. Billing information will be pulled from this location periodically.

This feature is currently only available for AWS and GCP.

Configure Billing Bucket ExampleConfigure Billing Bucket Example

Configure Billing Bucket Example

Updated 20 days ago

Managing Your Clouds


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.