Get familiar with common terms used in CloudView.
A set of configuration checks that will assess different resources collected from your cloud account.
A configuration check. Each check applies to a specific service/resource.
Here are some examples:
- Password policy should have upper case letter enforced - applies to AWS IAM Service
- Security group should not allow inbound access on port 22 from 0.0.0.0
- applies to EC2/VPC services and Security Group Resource
A service is the high level grouping of different entities or resources, by functional area. Each service consists of different entities or resources.
A resource is an entity that you can work with. Examples include an Amazon EC2 instance, IAM User, Security Group.
Each control is applicable to a specific resource type. For each control, applicable resources are collected. Each control checks if the specified attribute of a resource is configured as per best practices.
The control is passed when an attribute being checked is found configured as per the desired requirement for all the applicable resources.
The control is failed when an attribute being checked is not configured as per the desired requirement for any of the applicable resources.
Resource is considered passed for a control if it’s attribute is configured as per the desired configuration in the control.
Resource is considered failed for a control if it’s attribute is not configured as per the desired configuration in the control.