View Cloud Accounts and Details
The Cloud Accounts section of InsightCloudSec provides visibility into all of the Cloud Accounts connected to InsightCloudSec. You can add badges, research potential gaps in coverage, monitor and adjust harvesting, and audit data. As your cloud footprint expands from dozens to hundreds of cloud accounts, it is increasingly important to ensure the quality of your data and understand large-scale changes. To help with this, the Cloud Accounts page provides many valuable details across multiple tabs:
| Tab | Description |
|---|---|
| Listing | The Listing tab displays detailed information about all of the cloud accounts that you have onboarded to InsightCloudSec. Review Listing Overview for more information. |
| Organizations | The Organizations tab allows you to manage your onboarded cloud service provider (CSP)-based Organization(s), a.k.a. Cloud Organizations. This section allows you to add and remove Organizations and update configuration information for existing Organizations. |
| Summary | This tab provides a summary for your overall cloud footprint with several reports to explore details around all of your cloud accounts. Review the Summary - Cloud Reports page for details on what is displayed on this tab. |
| Badges | The Badges tab displays a count of your badges as well as all badges that were discovered/created by InsightCloudSec. Check out our Badges documentation for details on working with this capability. |
| EDH Consumers | This tab provides a list of Event-Driven Harvesting (EDH) Consumers associated with the selected cloud account and access to add consumers via the "EDH Configuration" button. Review Event-Driven Harvesting for more information. |
| EDH Producers | This tab provides a list of EDH Producers associated with AWS Accounts and AWS EventBridge Rules. Review Event-Driven Harvesting for more information. |
| EDH Events Summary | This tab displays details for the EDH processed events for the entire organization or selected individual cloud account. Review Event-Driven Harvesting for more information. |
| EDH Events | Displays details of the CloudWatch (AWS), EventGrid (Azure), and Cloud Asset Inventory (GCP) events that occur. Review Event-Driven Harvesting for more information. |
From any tab in the Cloud Accounts section of InsightCloudSec, you can click + Add Cloud to begin the Cloud Account Setup process.
The Listing tab displays detailed harvesting, visibility, and coverage information that will only get better as you add more accounts, enable more InsightCloudSec features, and receive InsightCloudSec product upgrades. Some important details to note about this page:
- Use the fields, e.g., Harvest Status, Cloud, Badges, etc., at the top of the page to filter the display
- Click Download, then select an option to download this table or a Cloud Organization Overview as a
- You should filter this page as much as possible before downloading, however
- Click an account's name to open the Cloud Account Details page.
- If an account's visibility is greater than none but less than full, you can click the Partial: <n> Services link to display a table containing the missing permissions that are directly contributing to the impaired visibility
- If you have enabled the Host Vulnerability Management feature, you can click the Assessment Coverage graph to display a table containing a detailed look at any errors encountered during assessment
- Click the number in the Resource Count column to open the Resources Inventory filtered to the selected account/Cloud Organization
- Click the number in the Badges column to open a list of all the badges associated with this account
- Alternatively, if an account has no badges, you can click Add Badge to start the process
- Click Add Resource in the Disabled Resources column to disable a resource from account harvesting
- Click the ellipsis (...) in the Action column to reveal additional actions, including on-demand scanning for visibility fixes, harvest resume/pause, and InsightCloudSec Organization migration (review Organizations for details)
False Positives - Known AWS Service Control Policy Issue
When viewing details on the Clouds Listing page, InsightCloudSec may provide false positive Warnings around missing permissions. In some scenarios the permissions are granted within the Service Control Policy (SCP) but are falsely reported as missing. Read more about Service Control Policies.
This scenario is the result of a known issue within AWS where, if an Organization has an SCP with conditions based on global keys (e.g., aws:PrincipalArn), the IAM Policy Simulator results are not accurate because the simulator does not have context for the global keys.
If you have verified that the specific permissions identified as missing are included in your SCP, you can safely disregard these warnings. Otherwise, for any remaining questions or concerns, contact us through the Customer Support Portal.
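
One way to run the verification described above, as an added example that is not InsightCloudSec or AWS code: it checks each permission flagged as missing against an SCP document and reports when the outcome depends on a condition key such as aws:PrincipalArn, which is the case the IAM Policy Simulator cannot evaluate. The sample SCP, the role name and the verdict labels are constructed for illustration, and the check assumes a single SCP document and ignores Resource elements.

```python
import fnmatch
import json

# Constructed sample SCP (not from a real Organization); the role name is made up.
SAMPLE_SCP = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "*", "Resource": "*"},
  {"Effect": "Deny", "Action": ["iam:Get*", "iam:List*"], "Resource": "*",
   "Condition": {"ArnNotLike": {"aws:PrincipalArn": "arn:aws:iam::*:role/constructed-role"}}},
  {"Effect": "Deny", "Action": "s3:GetBucketPolicy", "Resource": "*"}
]}
""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _applies(stmt, action):
    """True when the statement's Action/NotAction element covers `action`."""
    key = "Action" if "Action" in stmt else "NotAction"
    hit = any(fnmatch.fnmatchcase(action.lower(), p.lower())
              for p in _as_list(stmt.get(key, [])))
    return hit if key == "Action" else not hit


def classify(action, scp):
    """Return (verdict, global condition keys) for one permission flagged as missing."""
    allowed, denied, cond = False, False, set()
    for stmt in _as_list(scp["Statement"]):
        if not _applies(stmt, action):
            continue
        keys = {k for block in stmt.get("Condition", {}).values() for k in block}
        cond |= keys
        if stmt["Effect"] == "Allow":
            allowed = True
        elif not keys:
            denied = True  # an unconditional Deny overrides any Allow
    global_keys = sorted(k for k in cond if k.lower().startswith("aws:"))
    if denied:
        return "denied-by-scp", global_keys
    if not allowed:
        return "not-allowed-by-scp", global_keys
    return ("conditional" if cond else "allowed-by-scp"), global_keys


if __name__ == "__main__":
    for flagged in ["iam:ListRoles", "ec2:DescribeInstances", "s3:GetBucketPolicy"]:
        print(flagged, *classify(flagged, SAMPLE_SCP))
```

A "conditional" verdict that lists a global key marks a warning that matches the known issue; "denied-by-scp" and "not-allowed-by-scp" indicate the permission really is blocked at the SCP level.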