In addition to the built-in Compliance Packs, InsightCloudSec includes the ability to create custom Insight Packs and modify existing Insights. This page includes details on viewing, creating, and editing for Custom Packs.
For details on creating a single custom Insight, check out our instructions here.
A Custom Pack can be organized to provide targeted visibility into a testing environment, to expose custom compliance or security concerns, or to combine important Insights in your environment for the best visibility into your specific cloud resources.
Custom Packs are Insight packs that can be created to suit your specific requirements either based on an existing pack or from a selection of filtered resources. Visiting the Insights landing page and selecting the "Custom Packs" tab will provide you with access to the "Create Pack" functionality.
Custom Pack Actions
From the Custom Packs main landing page, each available Custom Pack is displayed as a list item. The following actions can be accessed via the details menu (three vertical dots) to the left of the Custom Pack:
Show Report Breakdown
Show report breakdown
The "Show Report Breakdown" option takes you to a summary page of dynamic charts that allow you to view the following:
- A time series (up to 90 days) plot of total noncompliant resources categorized by what type of Insight registered the resource as noncompliant; ideally, you will see this trending down as you take actions to resolve compliance issues
- Noncompliant resources, as a percentage of total resources, associated with this Insight pack
- Noncompliant resources, as a percentage of total resources, within individual clouds associated with this pack
Email subscriptions associated with Insight packs are available for administration through a Compliance Pack's actions menu ("...").
From the actions menu, click "Manage Subscriptions" (envelope icon) to open a page that provides a list of all subscriptions associated with the Insight Pack. You can add a new subscription or modify, send, or delete an existing subscription from this page.
For more information about setting up SMTP, configuring email notifications, and creating pack-level notifications, check out our documentation on SMTP (Email Notifications).
This option allows you to disable and hide an entire Insight pack from your organization. You must confirm this selection. To unhide and re-enable the pack, uncheck the Hide Disabled Packs checkbox on the main page and toggle the pack's visibility to the "on" position.
Edit Insight Pack
Edit Insight Pack
Allows users (with the appropriate permissions) to modify the details of an existing Custom Pack, including the Name, Description, Badges, etc.
Delete Insight Pack
Delete Insight Pack
Allows the deletion of the Custom Insight Pack (with appropriate permissions). In addition, if an Organization is removed from InsightCloudSec, all associated Insight Packs will also be removed.
Viewing Custom Pack Details
You can view the details of any pack by clicking on the corresponding list item name. This will take you to the Insights Library, listing the filtered individual Insights included in the pack.
Insight Summary Page
Clicking on the name of an individual Compliance Pack opens a summary page listing each individual Insight included with the pack.
Results can be filtered, there are pagination controls, and each Insight row includes (for users with the appropriate permissions) several controls/fields, including:
- An actions menu (Create Bot)
- The name of the individual Insight(s)
- A summary of the Impacted (noncompliant Resources)
- Details on Exempted Resources (when applicable)
- The associated Compliance Rules
- Any associated Bots (a total count)
- Severity details
- Author details
Note: This is simply a "filtered" Insight list; clicking on the text "This is a filtered result set. Click here to reset the filters", will reset this list to display all available Insights.
General Pack Controls
Depending on your permissions, you may be able to review and update details around numerous Custom Packs.
Bots and compliance reporting (Impacted Resources)
Bots and Compliance Reporting (Impacted Resources)
Once you understand specific compliance failures, you can use Bots to notify about or remediate the issue. To learn more about this capability, check out our documentation on BotFactory.
Excluding resources (Exemptions)
Excluding Resources (Exemptions)
In earlier versions, InsightCloudSec offered the ability to exempt resources from Insight findings using the Resource Group functionality. Check out our documentation on our dedicated Exemptions functionality for details on excluding resources.
Viewing existing bots
Checking for Existing Bots
You can determine whether any existing Bots match the failed Insight by clicking on the Bots listed on the Insight page associated with your Compliance Pack.
Creating a bot
Creating a Bot
You may wish to create a Bot to notify of or remediate for the failed insight. In the example below, clicking the actions menu and selecting "Create Bot" next to a specific insight allows you to create a Bot directly from that Insight. Check out details on the main BotFactory & Automation page or hop directly to Creating Bots or Working with Bots (Best Practices & Examples) to review some examples.
For the best results in viewing, sorting, interpreting, and understanding data associated with both the InsightCloudSec Compliance Packs and any Custom Packs you may create, we recommend taking advantage of our Compliance Scorecard.
You can download a .CSV file that includes the results for the Compliance Pack.
From the Compliance Packs page, click on the name of an individual Compliance Pack.
This will take you to a filtered Insights page where you can then select the download arrow.
Authoring & Visibility
Attribution or "Created By" information for any Custom Pack is populated based on the user who created the pack (e.g., whoever was logged in and completed the "Create Pack" process).
Administrators can view all Insights regardless of who created the Insight, even for Insights that were created by a user and marked as "Viewable only by Me."
Toggle Visibility applies to a single pack and a single organization. Enabling a pack as "Global" (see below) relates to a single pack across all child organizations.
Creating a Custom Insight Pack
When creating a new Custom Insight Pack, all characteristics are included as part of a one-time inheritance. For example:
- Custom Packs created from an existing Compliance Pack will include all of the Insights in the pack and any compliance rules you've selected at the time you create the pack.
- Custom Packs scoped to include "must include all Badges" will be locked to those Badges and any changes to pack scoping will require the creation of a new Custom Pack.
You can create a new Custom Insight Pack from a base pack and then do the following:
- Add additional Insights (either out-of-the-box or custom).
- Edit the Custom Pack to remove any individual Insights you don't want to retain (select the Insight and use the "Actions" menu to "Remove from Pack).
- Add existing Insights to the Custom Insight Pack.
Create a custom insight pack
Create a Custom Insight Pack and add Insights to it.
- Go to Security > Insights.
- On the Custom Packs tab, click Create Pack.
- Complete the Create Insight Pack window.
- Name: name your pack (up to 64 characters)
- Description: give your pack a description
- Base Pack: (optional) choose the base pack to allow you to create a custom pack based on an existing Compliance or Custom pack
- Badges: (optional) Associate the pack with badges and select the "Must Have All Badges" if desired
- Logo URL: (optional) Provide a URL to include the display of a custom logo with your pack
- Global Pack: (optional) Select the "Global Pack" checkbox to allow all of your child organizations access to this pack; the pack can only be managed by the parent organization
- Click Submit. The pack appears in the list on the Custom Packs tab. It will include your description of the pack, your username (as Created By), the number of Insights in the pack, the number of Badges used by the pack, and more.
- To add Insights, go to Security > Insights.
- Select the Insight(s) you would like to add to your custom pack.
- Click the Actions button and select Add to Pack.
- Select your custom pack from the list to add your selected Insights.
Your custom pack will now appear on the Custom Packs page with the updated total of Insights.
After creating a Custom Pack, you may want to explore more information around Compliance. For that, we recommend taking a look at our documentation around the Compliance Scorecard.
Or to explore more options around automation for your Custom Pack, take a look at our BotFactory documentation!