Home

Concepts and Terminologies

Get familiar with common terms used in TotalCloud.

Policy

A set of configuration checks that will assess different resources collected from your cloud account.

Control

A configuration check. Each check applies to a specific service/resource.

Here are some examples:
- Password policy should have upper case letter enforced - applies to AWS IAM Service
- Security group should not allow inbound access on port 22 from 0.0.0.0
- applies to EC2/VPC services and Security Group Resource

Service

A service is the high level grouping of different entities or resources, by functional area. Each service consists of different entities or resources.

Resource

A resource is an entity that you can work with. Examples include an Amazon EC2 instance, IAM User, Security Group.

Controls

Each control is applicable to a specific resource type. For each control, applicable resources are collected. Each control checks if the specified attribute of a resource is configured as per best practices.

Control Passed

The control is passed when an attribute being checked is found configured as per the desired requirement for all the applicable resources.

Control Failed

The control is failed when an attribute being checked is not configured as per the desired requirement for any of the applicable resources.

Resource Passed

Resource is considered passed for a control if it’s attribute is configured as per the desired configuration in the control.

Resource Failed

Resource is considered failed for a control if it’s attribute is not configured as per the desired configuration in the control.

Remediation

Remediation is the process that involves actions taken to fix misconfigurations of cloud resources.

Remediation Activity

The action taken to remediate cloud resources is termed as remediation activity. Trigggering remediation through click of Remediate Now or initiating the actions such as Stop Instance, Remove IAM profile for EC2 instance (AWS resource) are all examples of Remediation activities. 

Rule Manager

You can define a rule to alert you and keep you aware of resources that fail certain critical control evaluations and allow to fix resource misconfigurations. Rules can be used to define the criteria to trigger the alert notifications. Associate an action to be executed when the criteria defined in the rule is met. 

Response Actions

Alerts are initiated when events matching a condition is detected and the action you configure for the condition match is triggered. Define the response action to be implemented once any rule created by you is triggered. Alerts are initiated when events matching a condition is detected and the action you configure for the condition match is triggered. Actions that you can choose are "Send the alert messages by Email, PagerDuty or Post to Slack".