Resources

In InsightCloudSec, all services, utilities, or functions that make up your cloud are managed as Resources. Resources are fundamental to every feature within InsightCloudSec. After deploying our platform and connecting your cloud accounts, the Resources page is a single location from which to view resources across all of your cloud accounts. This visibility is the key building block for creating meaningful reporting, management, and automation.

Resource terminology

Resources are the normalized InsightCloudSec representation of components of cloud computing. Since our platform is multi-cloud, we developed a standardized (or "normalized") terminology for every resource that is displayed, so that it can be understood in a global context regardless of which provider it comes from.

For example, a "Storage Container" in InsightCloudSec is the normalized term used to refer to: AWS’ S3 Bucket, GCP’s Cloud Storage, Azure’s Blob Storage Container, or Alibaba’s Object Storage Bucket.

Many of these terms will be obvious. For terms that aren't clear, or for users who are less familiar with certain providers, the following options make the terminology easy to look up:

  • In the product, hovering over a resource displays both the specific resource name and the associated Cloud Service Provider (CSP).
  • Review our in-depth Resource Type Definitions for the normalized name of each Resource Type we support, the category, and a general definition.
  • Review our Resource Matrix to see every Resource Type in a table format alongside its CSP-specific name.

Connect cloud account resources

Before getting started with Resources, you will need to have a functioning InsightCloudSec installation that includes at least one connected cloud account. If you haven't connected any cloud accounts, there won't be any resources to view. Take a look at our Cloud Account Setup page to review the steps for connecting your cloud account(s).

Explore resources

Starting with your Resources, InsightCloudSec capabilities allow you to refine your view by applying Query Filters to create Insights or Insight Packs, and then take action using Bots.

Feature relationships

To view your resources:

  1. Log in to InsightCloudSec.
  2. Go to Inventory > Resources.

The resource categories and filtering options display. Click a resource type to open a results table. Use the Resource Type Search to find a particular type without having to navigate the resource categories tabs or know the InsightCloudSec normalized terminology. For example, searching for and selecting S3 Bucket can take you to the Storage Container resource.

Filter resources

You can modify the list of resources to display using Scopes, Query Filters, and the Global Search. At any point, you can filter the entire Resources view to only display resources owned by you, the current user, by clicking the person icon.

Apply scopes

There are four scope types available to help you filter your resource inventory.

To apply a scope:

  1. From the Resources page, click Scopes.
  2. Select a scope type:
    • Clouds
      1. Optionally, use the Select Badges drop-down to filter the cloud accounts list using badges.
      2. Optionally, select Must Have all Badges to only show cloud accounts that have all selected badges. Otherwise, the list contains cloud accounts that have at least one of the selected badges.
      3. Select the checkbox next to each cloud account you want to show resources for. Scoping by a cloud account that contains a Kubernetes cluster will include the cluster and any of its related resources in the results.
    • Kubernetes Clusters
      1. Select the checkbox next to each Kubernetes cluster you want to show resources for.
    • Resource Groups
      1. Select the checkbox next to each Resource Group you want to show resources for.
    • Applications
      1. Select the checkbox next to each Application you want to show resources for.
  3. Close the panel.

Apply Query Filters

Query Filters help answer specific questions about your resources. For example, you can find resources older than a number of days, resources trusting a specific account, or resources with an Insight finding. Explore Query Filters for more details.

To apply a Query Filter:

  1. From the Resources page, click Query Filters.
  2. Use the search bar, Cloud Type Support, Resource Type Support, or categories to narrow the list of Query Filters.
  3. Optionally, click + to view details for a Query Filter.
  4. Click Apply. Often, Query Filters require additional configuration. You must provide the required configuration and click Apply again to finish applying the Query Filter.

Search for a resource

If you know a resource's name, account ID, or provider ID, you can also perform a direct search for it.

To search for a resource:

  1. From the Resources page, click Global Search (magnifying glass icon).
  2. Type a resource name, account ID, or provider ID.
  3. Click the resource to open the resource properties panel.

Interact with resources

All resources matching your selected scopes and Query Filters are displayed as a table beneath the resource categories. The table displays different columns, or properties, depending on the resource type selected. For example, properties for a Database Snapshot may include Snapshot type, Size, and State. Properties describing a Storage Container may include Total Objects, Size, and Logging Bucket.

View resource properties

InsightCloudSec harvests a wealth of information for each resource. These properties are used to build Query Filters and Insights, which build the foundation for the rich set of features available to you.

To view resource properties:

  1. From the Resources page, optionally filter your inventory.
  2. Click a resource category tab.
  3. Click a resource type. A table displays.
  4. Click Resource Properties next to the resource you want to explore. A side panel opens.

The resource properties panel opens to the Properties tab by default. This tab contains all of the properties harvested by InsightCloudSec for a particular resource type. The rest of the tabs may differ between resource types.

Want to share a resource?

Most resources have a Direct Link property on the resource properties panel. It is a direct URL for viewing that resource within the cloud service provider's console. You can also use direct links with Jinja2 to create notifications that link to the resource. Explore the Jinja 2 reference page for details on how.

The following are some important tabs you might see:

  • Risk - Provides a summary of the risk associated with a resource. Explore the Layered Context documentation for details.
  • Insight Findings - Lists all Insight Findings associated with a resource. Explore the Insights documentation for details.
  • Source Documents - Provides a JSON document that surfaces raw data about the resource. Explore the Source Documents section for details.
  • Related Resources - Lists all resources that are related to a given resource. Explore the Related Resources documentation for details.

Download resource data

All resource data is available for download. There are three different download options:

To download data for multiple resource types:

  1. From the Resources page, optionally filter your inventory.
  2. Click Download Resources.
  3. Select the resource types to download data for.
  4. Optionally, select badges to filter the resources downloaded.
  5. Optionally, select tags to filter the resources downloaded.
  6. Click Download Resources.

To download data for a single resource type:

  1. From the Resources page, optionally filter your inventory.
  2. Click a resource category tab.
  3. Click a resource type. A table displays.
  4. Click Download. A file downloads asynchronously.

To download data for a single resource:

  1. From the Resources page, optionally filter your inventory.
  2. Click a resource category tab.
  3. Click a resource type. A table displays.
  4. Click Resource Properties next to the resource you want to download. A side panel opens.
  5. Click Download JSON.

View Source Documents

For select resource types, there is an additional tab, Source Documents, that surfaces raw data about the resource harvested directly from the Cloud Service Provider (CSP). This additional context about your resources can help to further investigate configuration issues or provide deeper analysis.

Click into the document viewing area, then use ⌘F (macOS) or CTRL+F (Windows) to search through the data. This data is also included with the resource download, or it can be viewed and copied directly from the Source Documents pane.

Supported Resources

Support for this feature is currently available for the following lists of resource types, but more types will be supported over time. The Source Documents tab will inform you if the selected resource is not supported.

Source Documents - Supported AWS Resources

  • Amazon DocumentDB
  • Amazon Macie
  • Amazon MemoryDB for Redis
  • Amazon MQ
  • Amazon OpenSearch Serverless
  • Amazon Redshift (Snapshot)
  • Amazon Sagemaker (Notebook)
  • Amazon Timestream
  • Amazon Transcription
  • API Gateway (Domain, Key, Stage)
  • Athena (Workgroup)
  • AWS App Runner
  • AWS AppSync
  • AWS Auto Scaling (Group, Launch Configurations)
  • AWS Backup (Vault)
  • AWS Glue (Data Catalog, Security Configuration)
  • AWS Outposts
  • AWS Transfer Family (SFTP Server)
  • Batch (Compute Environment)
  • CloudFront
  • CloudHSM
  • CloudTrail
  • CloudWatch (Alarm, EventBridge event bus, Log Group, Rule)
  • Codebuild Project
  • CodeCommit
  • Cognito (User Pool)
  • Container Image (ECR)
  • DataSync (Task)
  • Direct Connect
  • Directory Service
  • Dynamo DB (Accelerator (DAX))
  • DMS Replication Instance
  • EC2 Instance (Amazon EBS Snapshot, Amazon EBS Volume, Launch Template, SSH Key Pair)
  • EFS
  • Elastic Container Service/Fargate (Cluster, Container Task, Task Definition)
  • Elastic Container Registry (Container Image)
  • Elastic IP
  • Elastic Kubernetes Service (Cluster, Container Instance, Node Group)
  • Elastic MapReduce
  • Elastic Network Interface (ENI)
  • Elastic Transcoder (Pipeline)
  • FSx
  • IAM (IAM/ACM SSL Certificate)
  • IAM Policy (Customer-Managed)
  • Key Management Service
  • Kinesis (Data Firehose)
  • Kinesis Video Stream
  • Lambda
  • Managed Apache Airflow (Environment)
  • MSK (Instance)
  • NACL/Security Group
  • NACL/Security Group Rules
  • Neptune
  • RDS (Aurora, Aurora global database, Event Subscription, Snapshot)
  • Route 53 (DNS Zone, Resolver Configuration)
  • Recycle Bin
  • Region
  • S3 (Access Point)
  • S3 Glacier
  • Secrets Manager (Secret)
  • Serverless Application Repository
  • Shield
  • Simple Notification Service (Subscription)
  • Simple Queue Service
  • Step Function State Machine
  • Storage Gateway (NFS/SMB File Share)
  • Systems Manager (Parameter Store (Parameter), Document)
  • WorkSpaces (Instances)
  • VPC (Endpoint/PrivateLink, Elastic Network Interface (ENI), Flow Log, Internet Gateway, Peer, Managed Prefix List, NAT Gateway, Route, Route Table, Site-to-Site VPN, Subnet, Traffic Mirror Target, Transit Gateway, Virtual Private Gateway)
  • VPC Subnet

Source Documents - Supported Azure Resources

  • API Management Service
  • App Registration
  • Azure Cosmos DB
  • Azure Databricks (workspace)
  • Container instances
  • Data Factory
  • Event Grid Topic
  • ExpressRoute circuits
  • Federated Azure AD Group
  • Federated Azure AD User
  • Firewall
  • Image
  • IP Groups
  • Kubernetes Service
  • Logic App
  • Microsoft Entra ID (Group, Service Principal, User)
  • NAT Gateways
  • Network Security Group (Flow Logs)
  • Redis Cache
  • Role Definition
  • Security Rules
  • Service Endpoint/Service Endpoint Policy/Private Endpoint
  • Service Fabric Cluster
  • Snapshot
  • Storage Account
  • Subnet
  • Template Spec
  • Virtual Machine Scale Sets
  • Virtual Network (Gateway)
  • Web Application Firewall policies

Source Documents - Supported GCP Resources

  • Airflow Environment
  • Artifact Registry
  • Autoscalers
  • BigQuery Dataset
  • Bigtable
  • Container Cluster
  • Cloud Armor
  • Cloud Credentials
  • Cloud Function
  • Cloud KMS Cryptokey
  • Cloud KMS Keyring
  • Cloud Run
  • Cloud Spanner
  • Cloud SQL
  • Cloud SQL Backup
  • Data Factory
  • Dataflow Jobs
  • Dataproc
  • Direct Connect
  • DNS Zone
  • Domain Groups
  • Domain Users
  • Identity Platform Provider
  • Image
  • Instance
  • Logs Storage
  • NAT Gateway
  • Network
  • Network Flow Log
  • Network Peer
  • Pub/Sub Subscription
  • Pub/Sub Topic
  • Secret
  • Service Account Key
  • Service Certificate
  • Service Certificate Authority
  • Service Domain
  • Service Policy
  • Shared File System
  • Snapshot
  • Stackdriver Sink
  • Subnet
  • URL Map
  • Virtual Private Gateway
  • VPC
  • VPN Tunnel

Manage resources

Depending on the permissions you have applied to the harvesting roles associated with your cloud accounts, you can perform some basic actions within InsightCloudSec, including:

  • Adding a resource to a Resource Group
  • Assigning an owner to a resource
  • Deleting a resource in InsightCloudSec and in the cloud service provider
  • Starting, stopping, or rebooting a resource

Actions vary by resource type and can change dynamically based on the resource selected.

To manage a resource:

  1. From the Resources page, optionally filter your inventory.
  2. Click a resource category tab.
  3. Click a resource type. A table displays.
  4. Select the checkbox next to the resource you want to manage. Supported actions appear in the results table.