Through permissions granted to the IAM role (AWS), AD app registration (Azure) or the service account (GCP), Valtix will continuously maintain an "evergreen" inventory model of the Cloud resources that exist in your Cloud Service Provider accounts, Subscriptions and Projects that are relevant to apply advanced network security. Once discovered, the resources are then made available in workflows that enable Administrators to quickly deploy Security Rules to mitigate risks of exposed applications.
By default, inventory discovery is enabled on all regions. Valtix Controller will perform a full inventory discovery periodically (default is 60 minutes, but is tunable). Real-time inventory discovery is enabled on regions where the CloudFormation template was deployed.
To enable discovery of assets in your Cloud Account:
- Navigate to Manage -> Accounts
- Select the checkbox next to the Cloud Account and click Manage Inventory
- Select the Regions where you have cloud assets that you would wish Valtix to discover. The refresh interval is the time in minutes after which the inventory is refreshed (recommended default of 60 min). Valtix also performs continuous discovery using Cloud Provider APIs and Events (instead of a regular poll). The refresh time interval specified here is for a full re-crawl. This reconciles all assets for any missed events during real time discovery.
- Different refresh intervals can be defined for different Regions by adding a new row and selecting the desired Regions. A Region can belong to a single refresh interval only.
- Click Finish to save.
The Valtix Controller will request the asset inventory for the newly added Region immediately after saving.
To review the discovered assets:
Navigate to Manage -> Inventory