View Cloud Accounts and Details
The Cloud Accounts section of InsightCloudSec provides visibility into all of the Cloud Accounts connected to InsightCloudSec. You can add badges, research potential gaps in coverage, monitor and adjust harvesting, and audit data. As your cloud footprint expands from dozens to hundreds of cloud accounts, it is increasingly important to ensure the quality of your data and understand large-scale changes. To help with this, the Cloud Accounts page provides many valuable details across multiple tabs:
Tab | Description |
---|---|
Listing | The Listing tab displays detailed information about all of the cloud accounts that you have onboarded to InsightCloudSec. Review Listing Overview for more information. |
Organizations | The Organizations tab allows you to manage your onboarded cloud service provider (CSP)-based Organization(s), a.k.a. Cloud Organizations. This section allows you to add and remove Organizations and update configuration information for existing Organizations. |
Summary | This tab provides a summary for your overall cloud footprint with several reports to explore details around all of your cloud accounts. Review the Summary - Cloud Reports page for details on what is displayed on this tab. |
Badges | The Badges tab displays a count of your badges as well as all badges that were discovered/created by InsightCloudSec. Check out our Badges documentation for details on working with this capability. |
EDH Consumers | This tab provides a list of Event-Driven Harvesting (EDH) Consumers associated with the selected cloud account and access to add consumers by clicking the EDH Configuration button. Review Event-Driven Harvesting for more information. |
EDH Producers | This tab provides a list of EDH Producers associated with AWS Accounts and AWS Event Bridge Rules. Review Event-Driven Harvesting for more information. |
EDH Events Summary | This tab displays details for the EDH processed events for the entire organization or selected individual cloud account. Review Event-Driven Harvesting for more information. |
EDH Events | Displays details of the CloudWatch (AWS), EventGrid (Azure), Cloud Asset Inventory (GCP) events that occur. Review Event-Driven Harvesting for more information. |
Audit Log Monitoring | Displays the Audit Log Monitoring (Cloud Anomaly Detection) status of configured Organizations and Accounts. Review Cloud Anomaly Detection for more information. |
Listing Overview
The Listing tab displays detailed harvesting, visibility, and coverage information that will only get better as you add more accounts or turn on more InsightCloudSec features. Some important details to note about this page:
- Use the fields, e.g., Harvest Status, Cloud, Badges, etc., at the top of the page to filter the display.
- To find remote or cloud-managed Kubernetes Clusters (for example: Azure Kubernetes Service or AWS Elastic Kubernetes Service clusters), go to Cloud > Kubernetes Clusters or Inventory > Resources. To find local Kubernetes Clusters, go to Cloud > Kubernetes Clusters.
- Click Download, then select an option to download this table or a Cloud Organization Overview as a .csv file. We recommend filtering the table first to prevent your download from timing out.
- Click an account's name to open the Cloud Account Details page.
- Click the link in the Visibility column to display a window containing any errors or missing permissions that are directly contributing to the impaired visibility.
- Click the number in the Resource Count column to open the Resources Inventory filtered to the selected account/Cloud Organization.
- Click the number in the Badges column to open a list of all the badges associated with this account. Alternatively, if an account has no badges, you can click Add Badge to start the process.
- Click Add Resource in the Disabled Resources column to disable a resource from account harvesting.
- Click the ellipsis (...) in the Action column to reveal additional actions, including on-demand scanning for visibility fixes, harvest resume/pause, and InsightCloudSec Organization migration (review Organizations for details).
False Positives - Known AWS Service Control Policy Issue
When viewing details on the Clouds Listing page, InsightCloudSec may provide false positive warnings for missing permissions. In some scenarios, the permissions are granted within the Service Control Policy (SCP) but are falsely reported as missing. Read more about Service Control Policies. This scenario is the result of a known issue within AWS where, if an Organization has an SCP with conditions based on global keys (e.g., aws:PrincipalArn), the IAM Policy Simulator results are not accurate because it does not have context with the global keys.
If you have verified that the specific permissions identified as missing are included in your SCP, you can safely disregard these warnings. For remaining questions or concerns, contact us through the Customer Support Portal.
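To support the verification step above, the following added example (not part of the InsightCloudSec product or its documentation) takes an exported SCP document and a list of actions reported as missing, and shows which of them fall under SCP statements conditioned on global keys such as aws:PrincipalArn. The sample policy, the role name, and all function names are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample SCP (not from any real Organization); role name is hypothetical.
SAMPLE_SCP = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ProtectTrail", "Effect": "Deny",
     "Action": ["cloudtrail:*", "s3:GetBucket*"], "Resource": "*",
     "Condition": {"ArnNotLike":
         {"aws:PrincipalArn": "arn:aws:iam::*:role/harvest-role"}}},
    {"Sid": "AllowAll", "Effect": "Allow", "Action": "*", "Resource": "*"}
  ]}""")


def _as_list(value):
    """Policy JSON allows a single item or a list; normalise to a list."""
    return [value] if isinstance(value, (str, dict)) else list(value or [])


def global_keys(statement):
    """Return the aws:-prefixed (global) condition keys a statement uses."""
    keys = set()
    for operands in statement.get("Condition", {}).values():
        keys.update(k for k in operands if k.lower().startswith("aws:"))
    return sorted(keys)


def statement_covers(statement, action):
    """True if the statement's Action/NotAction element applies to `action`."""
    patterns = _as_list(statement.get("NotAction") or statement.get("Action"))
    matched = any(fnmatchcase(action.lower(), p.lower()) for p in patterns)
    return not matched if "NotAction" in statement else matched


def triage(scp, reported_missing):
    """Map each reported-missing action to the SCP statements that apply to it
    and depend on global keys, i.e. where simulator output is unreliable."""
    return {
        action: [(s.get("Sid", "<no Sid>"), global_keys(s))
                 for s in _as_list(scp.get("Statement"))
                 if global_keys(s) and statement_covers(s, action)]
        for action in reported_missing
    }


if __name__ == "__main__":
    missing = ["cloudtrail:DescribeTrails", "ec2:DescribeInstances"]
    for action, hits in triage(SAMPLE_SCP, missing).items():
        print(action, "->", hits or "no global-key SCP statement; check IAM policy")
```

An action with an empty result is not explained by the known issue, so treat its warning as a real permissions gap to investigate.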