Resources

An Overview of How InsightCloudSec Unifies Visibility of Your Cloud Infrastructure

In InsightCloudSec, all services, utilities, or functions that make up your cloud are managed as Resources. Regardless of the Cloud Service Provider (CSP), e.g., AWS, Azure, GCP, etc., InsightCloudSec uses normalized terminology in a single unified display of all of your cloud resources. For example, a "Storage Container" in InsightCloudSec includes: AWS’ S3 Bucket, GCP’s Cloud Storage, Azure’s Blob Storage Container, or Alibaba’s Object Storage Bucket.

Resources are fundamental to every feature within InsightCloudSec. After deploying our platform and connecting your cloud accounts, the Resources page is a single location from which to view resources across all of your cloud accounts.

28782878

Resources Landing Page

With the correct access and permissions, every resource in your cloud is available in InsightCloudSec. This visibility is the key building block for creating meaningful reporting, management, and automation.

Starting with your Resources, InsightCloudSec capabilities allow you to refine your view by applying Query Filters to create Insights or Insight Packs, and then take action using Bots.

The image below is a high level overview of the key InsightCloudSec features. The connection between these features allows you to customize your configuration for a clearer understanding of the impact, security, and compliance of what exists in your cloud environments.

15001500

InsightCloudSec Features

Before Getting Started

Before getting started with Resources, you will need to have a functioning InsightCloudSec installation that includes at least one connected cloud account. If you haven't connected any cloud accounts, there won't be any resources to view.

Take a look at our Getting Started content for Self-Hosted - Getting Started Guide or SaaS/Hosted Customers - Getting Started Guide for more details. Otherwise, if you have an installation but haven't connected any cloud accounts, visit the Cloud Account Setup page to review the steps for connecting your cloud account(s).

Viewing & Accessing Resources

The "Resource" option on main navigation in InsightCloudSec expands to display access to:

  • Resources (the section we are reviewing here)
    This page walks through the details around the information available in the main "Resources" section of the InsightCloudSec platform (or the first option under the Resource menu).

  • Resource Groups
    Resource Groups offer a way to more efficiently manage resources, enabling users to apply functionality to groups of resources.

  • Tag Explorer
    The Tag Explorer of InsightCloudSec allows users to create tagging configurations to view breakdowns of tagged (or untagged) resources.

Resources Landing Page

Selecting "Resources" from the main navigation menu displays the main Resources landing page.

InsightCloudSec includes 5 categories of resources: Compute, Containers, Storage, Network, and Identity & Management.

  • These categories display at the top of the main "Resources" landing page.
  • Individual resource types can be selected under their applicable resource category.
23562356

Resource Categories

Navigating Resources

Resources under each category are organized alphabetically. You can modify the view of your resources using search, scope, or Query Filters. You can also toggle the list of resources for each category using the "Vertical Ordering" toggle. Navigation tools (from left to right) include:

  • "Resource Type Search" Click the arrow to expand the full list, otherwise begin typing to narrow the selection with suggestions. This search box supports provider-specific terminology. For example, searching for and selecting 'S3 Bucket' will navigate you to the Storage Container Resource Type.
  • "Scopes" (the cloud icon to the right of the search box) Displays resources associated with selected clouds or selected resource groups. You can scope clouds using Badges, or searching for specific cloud types. You can scope resource groups by searching for specific names (or portions of names) of the resource group.
    • To reset this list, select "X Clear All" next to "Actions" (upper left-hand side of window).
    • To remove specific clouds from the scope, select the "X" next to the cloud name beside "Scopes" (upper left-hand side of window).
  • "Query Filters" (the menu option between Scopes and My Resources) Displays resources scoped by Query Filters. You can search for specific filters by name or partial name, cloud (e.g. AWS), or resource type (e.g. Storage Container) and explore the results with the pagination controls. (See additional details below)
    • To reset this list, select "Clear All" next to "Actions" (upper left-hand side of window).
  • "My Resources" (the person-shaped icon to the right of "Query Filters") Shows only the resources belonging to you, the current owner. To reset the list of resources, click "My Resources" again.

All resources matching your scopes and selected Query Filters will be displayed as a list beneath the resource categories. This list will show different resource characteristics, depending on the resource type selected.

  • For example, characteristics describing a Database Snapshot -- a Storage resource type --may include Snapshot type, Size, and State (Availability). Characteristics describing a Storage Container --also a Storage resource type---may include Total Objects, Size, and Logging Bucket.

📘

A Note About Resources & Insights

Resources are also the building blocks of Insights (and automation, e.g., Bots). This page is a high-level overview of navigating the Resources landing page within the InsightCloudSec platform but it's also important to note that Scoping (via Cloud Accounts, Badges, and Resource Groups), as well as implementing Query Filters, are also accessible through this page, and these capabilities are tied to creating Insights.

This page will not cover the specific details on configuring these additional capabilities, but if you are looking for more information, refer to the following pages:

Query Filters

To narrow your view of Resources select the "Query Filters" option at the top of the page.

12371237

Resources Page - Query Filter Option

The Query Filters panel allows you to narrow the scope of your resources using Query Filters that you can identify using any of the following:

  • Search - Use text search based on Query Filter names to identify Query Filters
  • Clear - Allows you to clear all selected criteria and start over
  • Select Cloud - Identify Query Filters based on their supported Cloud Service Provider or multiple providers (e.g., AWS, Azure, GCP, etc.) by selecting or text searching
    • Hover over the Cloud Service Provider icon to see all supported options (e.g. AWS, AWS GovCloud, AWS China)
  • Select Resource Type - Identify Query Filters based on supported resource type (e.g., storage container, instance, database) by selecting or text searching
  • Category - Identify Query Filters based on category (e.g., Compute, Container, Network) by selecting
19961996

Resources Page - Query Filter Panel

Viewing Query Filter Details
Each line in the panel shows the name of the Query Filter along with the icons for all supported Cloud Service Providers. Click on the arrow to the left of any Query Filter name to see additional details for any Query Filter including:

  • Description of the Query filter behavior
  • Supported Resource Types
  • Query Filter code (Note: If these details are not visible, your InsightCloudSec platform installation may not include support for an associated feature. Reach out to our team through Getting Support to confirm, or discuss access.)
14961496

Query Filter Details

Applying Query Filters

1. Selecting "Config" or "Apply" will allow you to apply the Query Filter to your resources view.

  • If your desired Query Filter has a "Config" button next to it, you will need to supply additional details before applying to the filtered Resource view.
  • If your desired Query Filter has an "Apply" button next to it, click "Apply" to view the filtered Resource view.

2. Click the "X" in the top right of the Query Filter panel to close and view your filtered resources.

3. The Resources Page will display your results with the selected Query Filter(s) applied. The filtered view will show the number of Query Filters applied, the name(s) of the Query Filters, and what resource types are supported.

  • Select "Clear All" to start over
  • Select "Save Insight" to turn your filtered view of resources into a custom Insight
  • Select "Download Resources" to download the filtered set of resources
11131113

Resources Page - Applied Query Filter

Downloading Resources

At the top of the Resource Management page, you have the option to download your full cloud asset/resource inventory (up to 250,000 items).

11051105

Download Resources

This download capability can be filtered in one of two ways.

  • Through the modal when you click the Download button, or
  • By selecting a Query Filter for the resources and then selecting the download button

Click on the download button to display all of the resources available in an alphabetical list (by normalized InsightCloudSec name) and then select your desired resource.

  • In addition, use the search field to provide a keyword (e.g., instance) to narrow the list of options to select.
  • You can also download JSON details of an individual resource through the resource blade view.
11901190

Download Resources - Narrow Your Scope for Download

Otherwise, by searching for and applying a Query Filter (e.g., Resource Orphaned), narrow the scope before selecting the download option.

11071107

Filtering Set of Resources for Download.

Resource Properties

For visibility into each resource, click on the box-with-arrow icon just to the left of the resource name.

16001600

Resource Properties

In the newly opened pane, the following list shows the most common information available for resources (each of these is a tab at the top of the window):

Note: Depending on the resource, additional information will display, e.g., Permissions for Storage Container resources, InsightVM Vulnerabilities, etc.

  • "Properties" - All resource attributes that are directly accessible, e.g., name, cloud, account ID.
  • "Actions" - All actions you can take for this resource directly from the InsightCloudSec console, e.g., Delete Resource, Remove Public Permission.
  • "Dependencies" - Dependencies, if any, associated with the resource. You can click on the box-with-arrow icon for a displayed dependency to view additional information about the linked resource. Not all resources/resource types will have dependencies.
  • "Activity" - Scheduled events (if any) and the cloud history for the resource. Cloud history is currently only available for AWS resources.
  • "Insight Findings" - Specific Insights where Bots have found violations or noncompliance, if any, for this resource. Click an Insight's title to open the Insight Report in a new browser tab.
  • "Tags" - Existing tags for this resource with options to edit these as well as add new tags.

🚧

Other Important Properties

All Resources also include a "Last Full Harvest" status under the resource properties, note this may be blank if a resource was not recently harvested. Check out Harvesting Overview for more information.

Under "Storage --> Container Images" the resource properties contains a "Vulnerabilities" tab.

Under "Compute --> Instances" the resource properties contains "Threat Findings" tab.

These additional resource properties are particularly useful when working on configuration around security and compliance for these specific resources.

Download Resource JSON

In addition to viewing details about an individual resource you can also download the details in JSON format. Select the individual resource you want to download, expand the detail blade view, and click on the arrow located in the top right of the individual resource view.

18901890

Download JSON Details for a Resource

Additional Resource Details

Some helpful additional Resource details are provided below. This is not an exhaustive list of browsing, filtering, or automation capabilities, but an overview to help build your familiarity with what details are available in this section of the InsightCloudSec platform.

Direct Linking for Resources

As part of your Resource, under "Properties", InsightCloudSec includes capabilities to build dynamic links that connect to many resources within Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

13971397

Resource Direct Link

To display direct link information for any supported resource, select the resource type from your target category, and click on the "Open Resource Properties" dialog (next to the checkbox for individual resources).

  • The last line of the resource properties panel, "Direct Link", will show the link associated with the applicable resource.

🚧

Important Details on Direct Linking

Direct Link Permissions
AWS Required permissions (already in the AWS policy): iam:ListAccountAliases
GCP For GCP resources, "view" permissions will be required to properly display and access any direct links.

Supported Resources
Direct link capabilities are currently available for AWS and GCP. Direct links are not applicable to all resources - we are working to expand coverage with each release. For resources that are not supported, links may be improperly formatted or redirect to general console locations rather than resource-specific locations.

Smartlink with Jinja2
You can also use direct link with Jinja2 to create notifications in Slack that link to the resource. The Jinja2 call is {{resource.get_provider_link()}}. Check out additional details on our Jinja2 - References page.

Additional Resource Navigation

Six navigation functions are available for viewing individual resources within your selected resource type.

13981398

Additional Navigation Options

These navigation functions include:

  • "Include Tags" - Allows you to specify up to 5 tags to include in the listing; then displays the values of those tags for each of the listed resources. Learn more about tagging in our page on Tag Explorer.
  • "Create a new resource" - Opens the "Provisioning" screen, from which a new resource can be created. Admin permissions are required.
  • "Refresh Resources in Table" - Refreshes the current resources table.
  • "Download CSV" - Downloads the resource data from the current view as a CSV file. This will download the data per individual resource type (e.g., Compute, Network, Storage, etc.) Note: All resource attributes are downloaded, not just ones toggled 'on' for display in the on-screen table. (See also "Toggle Column Visibility".)
  • "Toggle Column Visibility" - Allows you to select the resource attributes to display as columns in the table. The drop-down list shows only attributes relevant to this resource.
  • "Deselect Resource Type" - This clears the table and returns you to the "Resources" main page.

Managing Resources

To manage a resource, select the checkbox next to the desired resource. The navigation buttons will be replaced by action buttons, which allow you to take actions based on the resource type.

13961396

Actions to Manage Resources

Example actions for a resource include:

📘

Action Buttons are Contextual

Action buttons vary by resource type and change dynamically based on the resource selected.

  • "Add to a resource group" - Adds the selected resources to a resource group.
  • "Assign Owner" - Opens the "Associate Resource Owner" dialog window with a drop-down list of names from which you can select and assign an owner.
  • "Permanently delete selected resources" - Deletes selected resources after confirmation.
  • "Start selected resources" - Starts the selected resource. (Note: This action only applies to Compute resources.)
  • "Stop selected resources" - Stops the selected resource. (Note: This action only applies to Compute resources.)
  • "Reboot" - Restarts the selected resource (Note: This action only applies to Instances).

Resources with Expanded Data

Some resources integrate with internal (InsightCloudSec) and external functionality and provide expanded data as a result:

What's Next?

After familiarizing yourself with Resources, and viewing the information available here, we recommend learning more about:

  • Resource Groups - Collections of resources that can be used to apply granular permissions to a subset of a cloud footprint, to improve visibility or to apply custom policy.
  • Insights - An Insight describes a specific behavior, condition, or characteristic of a cloud resource. Insights are the checks built on a combination of one or more Query Filters and scopes that are run on your infrastructure. They can be used to report on resources, or to instruct Bots as to which resources require actions.

Did this page help you?