Concepts and Terminologies
Get familiar with common terms used in TotalCloud.
Policy
A set of configuration checks that will assess different resources collected from your cloud account.
Control
A configuration check. Each check applies to a specific service/resource.
Here are some examples:
- Password policy should have upper case letter enforced - applies to AWS IAM Service
- Security group should not allow inbound access on port 22 from 0.0.0.0
- applies to EC2/VPC services and Security Group Resource
Service
A service is the high level grouping of different entities or resources, by functional area. Each service consists of different entities or resources.
Resource
A resource is an entity that you can work with. Examples include an Amazon EC2 instance, IAM User, Security Group.
Controls
Each control is applicable to a specific resource type. For each control, applicable resources are collected. Each control checks if the specified attribute of a resource is configured as per best practices.
Control Passed
The control is passed when an attribute being checked is found configured as per the desired requirement for all the applicable resources.
Control Failed
The control is failed when an attribute being checked is not configured as per the desired requirement for any of the applicable resources.
Resource Passed
Resource is considered passed for a control if it’s attribute is configured as per the desired configuration in the control.
Resource Failed
Resource is considered failed for a control if it’s attribute is not configured as per the desired configuration in the control.
Remediation
Remediation is the process that involves actions taken to fix misconfigurations of cloud resources.
Remediation Activity
The action taken to remediate cloud resources is termed as remediation activity. Trigggering remediation through click of Remediate Now or initiating the actions such as Stop Instance, Remove IAM profile for EC2 instance (AWS resource) are all examples of Remediation activities.
Rule Manager
You can define a rule to alert you and keep you aware of resources that fail certain critical control evaluations and allow to fix resource misconfigurations. Rules can be used to define the criteria to trigger the alert notifications. Associate an action to be executed when the criteria defined in the rule is met.
Response Actions
Alerts are initiated when events matching a condition is detected and the action you configure for the condition match is triggered. Define the response action to be implemented once any rule created by you is triggered. Alerts are initiated when events matching a condition is detected and the action you configure for the condition match is triggered. Actions that you can choose are "Send the alert messages by Email, PagerDuty or Post to Slack".