Serverless Applications
A Serverless application is an application component that executes in a fully managed runtime environment provided by a cloud service provider. Infrastructure management tasks such as server provisioning, scaling, and patching are handled by the provider, allowing teams to focus on application logic.
In UAI, serverless applications are treated as assets and are evaluated for criticality, risk, ownership, and source visibility.
The Serverless tab under the Application inventory provides visibility into serverless application assets discovered across your environment. These assets typically include cloud-managed execution units, such as functions that run without the need to provision or manage servers.
Each row in the Serverless list represents a serverless function discovered in the environment. The following information is displayed for each serverless function:
| Column | Description |
|---|---|
| Function Name | The name of the serverless function. |
| Criticality | Business criticality assigned to the serverless function. |
| TruRisk™ Score | Displays the TruRisk™ score for the serverless function. |
| Asset Type | The classification of the asset, such as AWS Lambda function. |
| Runtime | The execution runtime used by the function. |
| Serverless Type | Indicates the type of serverless resource, such as Function. |
| Memory | The amount of memory allocated to the serverless function. |
| Sources | Displays the discovery sources along with First Seen and Last Seen timestamps. |
| Tags | Shows tags applied to the serverless asset for classification and governance. |
View Serverless Application Details
The Serverless Application Details page provides a view of a discovered serverless application, such as a cloud-managed function. This page helps you understand the application’s identity, configuration, activity, location, tags, and cloud context, along with its security posture.
Expand the Inventory, Security, and Sources sections from the left pane and see various tabs under each section. To know more about the details you can see from these tabs, refer to the following topics:
Inventory Section
The Inventory section provides access to all inventory-related information for the selected serverless application.
The following tabs are available under the Inventory section:
The Asset Summary section provides a high-level overview of the serverless application.
The summary includes:
| Field | Description |
|---|---|
| Serverless Name | The name of the serverless application. |
| Criticality Score | Indicates the business criticality of the serverless application. |
| TruRisk™ Score | Displays the TruRisk™ score for the serverless application. |
| Asset Class and Subclass | Shows the asset classification, including the asset class and its corresponding subclass. |
| Hardware and Operating System | Displays the hardware and operating system associated with the serverless application. |
Identification
The Identification section displays key attributes used to uniquely identify the serverless application.
| Field | Description |
|---|---|
| Function Name | The name of the serverless function as defined in the cloud provider. |
| Function URL | The endpoint or resource URL associated with the function. |
| Serverless Type | Indicates the type of serverless resource, such as a Function. |
| Runtime | The execution runtime used by the function. |
| Memory | The memory allocated to the serverless function. |
| Asset ID | The unique internal identifier assigned to the asset. |
Location
The Location section shows the geographic location associated with the serverless application based on discovery data.
This section includes:
- A map view indicating the last known location
- City, region, and country information
- Last Seen timestamp
Activity
The Activity section provides the following information on the serverless application:
| Field | Description |
|---|---|
| First Discovered On | The date and time when the serverless application was first detected by the system. |
| Created On | The date and time when the serverless application record was created in the inventory. |
| Last Updated On | The most recent date and time when the serverless application details were updated. |
Tags
The Tags section displays tags applied to the serverless application.
You can:
- View existing tags applied to the serverless application
- Add new tags using Add Tags.
Cloud Metadata
If the Serverless Application is associated with a cloud environment, the Cloud Metadata section displays cloud-specific details.
| Field | Description |
|---|---|
| Provider | The cloud provider hosting the serverless application. |
| Account ID | The cloud account identifier associated with the serverless application. |
| Account Name | The name of the cloud account. |
| Region | The geographical region where the serverless application is hosted. |
The Asset Details tab provides technical and contextual information about the selected serverless application.
General
This section displays the identification and configuration details of the serverless application.
| Field | Description |
|---|---|
| Repository Name | The name of the repository. |
| Repository URL | The URL or endpoint where the repository is hosted. |
| Repository Type | The repository technology. |
| Repository Kind | Indicates whether the repository is Code or Binary. |
| External Asset ID | The unique identifier assigned by the external source from which the repository was discovered. |
| Owner | The owner of the repository. |
| Visibility | Displays whether the repository is Public or Private. |
| Created On | The date and time when the repository was created. |
| Last Updated On | The most recent date and time when the repository details were updated. |
Cloud Information
This section provides cloud-related metadata for the serverless application when it is associated with a cloud environment.
| Field | Description |
|---|---|
| Provider | The cloud provider hosting the repository. |
| Account ID | The unique identifier of the cloud account associated with the repository. |
| Account Name | The name of the cloud account. |
| Availability Zone | The availability zone where the repository is hosted. |
| Region | The geographical region of the cloud environment. |
| Region Canonical Name | The canonical name of the cloud region. |
| Tenant ID | The unique identifier of the cloud tenant. |
| Tenant Name | The name of the cloud tenant or organization. |
Additional Attributes
This section displays custom attributes associated with the serverless application. These attributes are typically used for internal classification and governance.
| Field | Description |
|---|---|
| env | Indicates the environment associated with the repository, such as Testing or Production. |
| team | Specifies the team responsible for the repository. |
The Tags tab displays all tags associated with the selected repository. Tags are grouped into Internal Tags and External Tags based on their source and usage.
Internal Tags
Internal Tags are system-generated or user-defined tags. These tags are commonly used for asset organization, dynamic asset grouping, and policy enforcement.
You can add a new tag by clicking Add Tags.
External Tags
External Tags are tags inherited from external sources such as cloud providers, container platforms, or integrated third-party systems.
Business InformationBusiness Information
The Business Information tab provides contextual details for the selected serverless application. This information helps organizations understand the operational purpose of the serverless application, identify responsible teams, and align the asset with business functions and locations.
Basic Information
The Basic Information section displays key business and operational attributes associated with the serverless application.
| Field | Description |
|---|---|
| Operational Status | Indicates the current operational state of the serverless application, such as Active or Inactive. |
| Department | Identifies the department or business unit responsible for the serverless application. |
| Environment | Specifies the environment in which the serverless application is used. |
| Owner / Custodian | The individual accountable for the serverless application from a business perspective. |
| Managed By | Individual or team responsible for managing the serverless application. |
| Supported By | Identifies the support team responsible for handling operational or technical issues. |
| Support Group | Displays the support group associated with the serverless application for escalation and troubleshooting. |
| Assigned Location | Indicates the business or geographic location to which the serverless application is assigned. |
Security Section
The Security section provides risk and security-related insights for serverless applications. This section helps you assess the security posture of the application and prioritize remediation efforts based on risk indicators.
The following tab is available under the Security section:
The TruRisk™ Score provides a risk-based assessment of the serverless application by aggregating multiple contributing factors. This score helps you understand the potential security impact of the serverless application within your environment.
Sources Section
The Sources section provides visibility into how and from where a serverless application was discovered.
The following tab is available under the Sources section:
The Summary tab provides a consolidated view of all external and internal sources that discovered the serverless application.
External Sources
The External Sources section displays details of third-party platforms or integrations that discovered the serverless application.
For each external source, the following information is shown:
| Field | Description |
|---|---|
| Source Name | Name of the external platform or integration that detected the serverless application. |
| First Found | Date and time when the serverless application was first discovered by the external source. |
| Last Seen | Most recent date and time when the serverless application was observed by the external source. |
| Source Native Key | Unique identifier assigned to the serverless application by the external source. |
Sources
The Sources section lists all discovery sources associated with the serverless application. It provides a high-level overview of how the asset is being tracked and updated.
Add or Remove Tags
You can manage tags of the serverless application from the Quick Actions or Actions menu. For more information on managing tags, refer to Manage Asset Tags.
Download Repository List
You can download the list of serverless applications in a report from the Application > Serverless tab in the following formats:
- Comma-Separated Value (CSV)
- Hypertext Markup Language (HTML)
- Extensible Markup Language (XML)
- Portable Document Format (PDF)
If you want to download the report in PDF format, you can select a maximum of 5 columns. If you select the Tags column, the report for up to 5,000 assets is downloaded.
To download, follow these steps:
- Click
on the Serverless tab. - Select the download format and the columns you want in the report.
-
Select the timezone.
-
Click Download.