Resource categorization is essential for managing large cloud environments effectively. It enhances visibility, helps identify unused or outdated resources, ensures compliance with security standards and policies, and allows for detailed analysis to diagnose issues.
Saner CSAE organizes cloud resources into logical groups and offers guidance to analyze these resources to assess their relevance, configuration, and security posture.
Understand the Available Resource Categories
Resource categories within Saner CSAE include:
| Resource Categories | What it Constitutes? |
|---|---|
| Compute | Virtual machines, containers, or serverless functions |
| Application Integration | Services like messaging queues, integration tools, and event-driven architectures (e.g., AWS SQS, SNS, Step Functions) |
| Blockchain | API calls and resource actions |
| Business Applications | ERP systems, CRM tools, financial platforms, eCommerce sites |
| Networking & Content Delivery | Network interfaces, load balancers, VPCs, and security groups. |
| Cloud Financial Management | Payment processing, transaction database management, resource cost optimization, data security compliance, and access management |
| Databases | Managed database services (e.g., AWS RDS, Azure SQL, GCP BigQuery). |
| Storage | Object storage (e.g., AWS S3, Azure Blob) and block storage (e.g., EBS) |
| Developer Tools | Source code repositories, artifact storage security, pipeline IAM optimization, outdated developer environments, unused CI/CD resources |
| End User Computing | Virtual desktops, file storage, snapshots/backups, virtual applications |
| Front-end Web & Mobile | S3 Buckets / Storage, APIs, CDNs (CloudFront, etc.), Serverless Functions, CI/CD Pipelines, IAM Roles |
| Internet of Things | IoT Endpoints, Cloud Storage, APIs, Outdated Firmware, Serverless Functions, IAM Roles |
| Machine Learning | Storage buckets, Compute Instances, Model Endpoints, Pipelines, IAM Roles, Outdated Libraries |
| Analytics | Public Data Lake Exposure, Idle Redshift Clusters, Exposed Tableau Dashboards, Unsecured Data Pipelines, Excessive IAM Permissions |
| Security, Identity, & Compliance | IAM Roles & Policies, Security Groups, Public Resources, Encryption, Compliance, Inactive Accounts, Logs & Monitoring |
| Management and Governance | Logging services, alarms, IAM policies, and monitoring |
| Media Services | Media storage, CDNs, DRM and Encryption, Media APIs, Transcoding Jobs, Streaming Services |
| Migration & Transfer | Data transfer services, IAM Roles, Staging Buckets, Virtual Machines, Firewalls and Security Groups, Databases |
| Quantum Technologies | Quantum Workloads, Quantum Cryptography, Quantum APIs, Quantum Communication Channels, Orphaned Quantum Jobs, Hybrid Quantum-Classical Systems |
| Robotics | Control Systems, Sensor Data Storage, Fleet Management, Simulation Environments, APIs for Robotic Systems, AI/ML Models |
| Satellite | Satellite Control Systems, Satellite Data Storage, Ground Station Infrastructure, Real-time Data Streams, APIs for Satellite Operations, Orphaned Resources |
| Others | As applicable |
Drill-down on Specific Resource Category
Click on a specific resource category to open the detailed page that lists all the resources along with their corresponding details.
| Resource Details | Description |
|---|---|
| Resource ID | Unique identifier for the resource (e.g., arn for AWS resources) |
| Resource Name | Name of the cloud resource |
| Service Name | Name of the cloud service (e.g., EC2, S3, and so on) |
| Resource Type | Specifies the kind of resource (e.g., Network Interface, Log Stream, and so on) |
| Resource Category | Group to which the resource belongs |
The live data in the page refreshes after every scan, ensuring that the information remains current and accurate for decision-making regarding security and resource optimization.
Drill-down into Individual Resources for Analysis
By following the Resource ID link, users can access additional details and Summary for further analysis.
| Additional Resource Details | Description |
|---|---|
| Cloud Account ID | The Id assigned to a cloud account within an organization |
| Cloud Provider | Specifies the platform (AWS, Azure, GCP) |
| Region Name | Geographical location of the resource (e.g., us-west-2, us-east-1) |
| Resource Category | Group to which the resource belongs to. For example, Networking and Content Delivery |
| Service Type | Category of resources. Common service types include: Infrastructure Services: Servers, storage, networks (e.g., AWS EC2, Azure VM) Platform Services: Databases, middleware, runtime environments (e.g., AWS RDS, Google Cloud SQL) Application Services: Web apps, APIs, email services (e.g., Office 365, SAP) Security Services: Firewalls, intrusion detection, encryption tools (e.g., Palo Alto, Fortinet) |
| Summary | Users can do a detailed analysis with extended information |
Switch Between Standard and Json Views
Within a specific Resource, you have an option to toggle between the Standard and Json views by clicking the appropriate buttons within the individual resources details view.
Search and Access Categories
From the “Resources by Category” section under the Categorization tab, use the search bar to quickly locate specific resources or categories based on keywords. Just key in your search criteria, expand the desired category to view its resources, and drill-down into individual resources to analyse the security posture, usage, or outdated components.
Perform More Actions
Users can also take additional actions from the dashboard block, such as exporting the records into a spreadsheet (CSV) or using the bi-directional arrow to open the sub-categories pertaining to the resource.
In the detailed view, users also have an option to specify the number of records to display on a page.
See Also:
How to Setup Watchlist Configuration for a Resource?
How to Identify Outdated Resources for Cleanup?
