Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To index and profile network assets in a cloud infrastructure or in a combination of cloud and traditional infrastructure, Lumeta has introduced in Spectre Lumeta 3.3.2, Cloud Discovery.  This new discovery type will enable you to monitor a Cloud network in as much detail as a typical corporate network. Spectre Lumeta Cloud Discovery leverages the cloud service provider's APIs to create devices for all running instances. Cloud Discovery findings are reported in the same manner as all other Spectre Lumeta discovery types.

Cloud credentials are encrypted within Spectre Lumeta 3.3.2, yet are accessible to the cloud provider.  This means that all APIs that return a cloud-discovery configuration, including those that export a collector configuration or system configuration, do not include cloud credential "secrets." Rather, clientSecrets and secretKeys are reported as "null" or left empty.

...

  1. Browse to SettingsZones.

  2. Select the zone and collector you want to perform Cloud discovery.

  3. Click the Cloud tab.
    Cloud discovery is initially disabled.

  4. Click Edit and the Enable Cloud Discovery checkbox.
     
     

  5. Click Update.
    The configuration is saved.

  6. Click Credentials.



  7. Upload your cloud credentials as a plain text file, ordered as you would have them read by Spectre Lumeta (i.e., top will be read first). You may download a sample file to see the formatting.


    1. Cloud Alias -aws
    2. Cloud Version -aws
    3. Access Key - AKIAI7BP7YKJPIFKAM4A
    4. Regions - us-east-1
    5. Service Name -aws
    6. Subscription -
    7. Resource Group -
    8. Client ID
    9. Tenant ID


  8. Save your results and exit. Cloud Discovery starts immediately. 

    To use the cloud collector configuration, within AWS, make sure you are in an a user AWS IAM group with a minimal AWS Policy of AmazonEC2ReadOnlyAccess.