Elisity supports the onboarding of Virtual Private Cloud regions to glean data about cloud-hosted applications.
Elisity offers seamless API-based integration to connect, discover and onboard cloud hosted applications into the Elisity secured network. We can create policy groups for applications and virtual machines hosted in AWS using the data we are able to glean, including application tags and instance IDs.
To onboard AWS hosted applications navigate to the Policy Fabric section on the left pane of Cloud Control Center and select Access Service. At the top right-hand side of the page, select Private Cloud.
Once selected, if no AWS accounts have been integrated, you will be presented with a page to input your AWS account details. Select Add Account Information and follow the tool tip instructions to collect and input the required information for Cloud Control Center to integrate with AWS. Click Submit once completed. Cloud Control Center supports the integration of multiple AWS accounts for cross account security and connectivity.
NOTE: The last required field, AWS Account ID, is your organization’s AWS account ID, not the ID provided in the tool tip instructions. The latter is used for Role ARN creation
After the VPC has been onboarded, all the applications hosted in that VPC will show up under the application section of Cloud Control Center with their instance ID as their name.
TIP: Filter the output to only show AWS and Static applications by selecting “Applications and Static Instances” at the top of the page.
Selecting the instance ID under the name column will open a window with more detail about the AWS application including what policy, if any, it was mapped to, IP addresses, AMI information, and Application Name (cloud native tag). Application Name is a powerful way to reference a cloud hosted application in Elisity policy as Cloud Control Center will immediately recognize changes made to application name when the cloud native tag is modified.
NOTE: For Application Name to populate in Cloud Control Center and be available for consumption when building policy, you must assign a tag to the application in AWS using the following format: