Azure Cloud Device Details

Search > Device Details > Cloud provides inventory, security, and interface data for Azure cloud instances, samples of which follow:

Inventory Tab

One record displays. It represents the one virtual machine instance in AWS cloud.



Data Type Description Example
Provider Name of the cloud provider azure
Account ID Account number the cloud provider assigned to your company's account 040758885882
Instance ID Cloud provider's instance identifier i-010c0019a16e292b8
Public IP Address IPv4 address of the instance 172.18.10.124
Public MAC Address MAC address of the instance 0e:28:30:20:73:c8
Name Name of the cloud account such as sa-account sa-account
Region Geographic area in which the instance is running eastus
VPC ID Azure Virtual Private Cloud identifier /subscriptions/. . .
VPC Name DNS of device Virtual-Network-NJ
Security Group Risk Number of Security Group Violations 14

Security Tab

Each record describes one security group violation. The risks column identifies why the security configuration has been flagged by Cloud Scout as a violation.

Data Type Description Example
Security Group ID Unique security group identifier generated by Azure to identify a security group. /subscriptions
Check Name Identifier of security group rule UDP Port is Open
Type Category of rule such as "SECURITY_RULE" SECURITY_RULE
Source Entity that found and identified the security violation CloudScout
Direction Indicates whether the violation occurs going outbound or inbound inbound
Action Command relative to that security rule allow
Rule Name Given identifier of the rule 25_any_any
Rule Priority Order in which rules should be handled; higher number indicates more risk 130
Source IP IPv4 origin web interface
Destination IP IPv4 end-point interface
Source Protocol Ports Call ports tcp/udp
Destination Protocol Ports Response ports tcp/udp:443-443.
Source IPv6s IPv6 origin web interface
Destination IPv6s IPv6 end-point interface
Region Named cloud region useast
VPC ID Instance identifier /subscriptions/. . .
VPC Name Instance name Virtual-Network-NJ

Interface Tab

The source of Asset Manager Inspector tab data is Amazon Inspector, an automated security assessment service on AWS that helps you test the network accessibility of Amazon EC2 instances and the security state of the applications running on those instances. Amazon Inspector analyzes your network configurations in AWS for reachability and assesses instances for security exposures and vulnerabilities. In-depth information about AWS Inspector is available at https://aws.amazon.com/inspector/faqs/. The Inspector tab presents identifiers associated with one AWS instance.


Data Type Description Example
Public IP IPv4 address of the interface 172.18.10.124
Public DNS Address DNS name of the instance
MAC Address MAC address of the interface 0e:28:30:20:73:c8
Allowed IP Forwarding Whether IP forwarding is permitted false
Subnet ID Unique identifier of the subnet as identified by AWS
Subnet Policies
Interface Policies Current status of the network interface
Private IP Address IPv4 address for the network interface
Private DNS Name IPv4 name for the instance
IPv6 Address IPv6 address of the network interface
IPv6 DNS Name IPv6 name for the instance
Provider Name of the cloud provider aws
Account ID Account number the cloud provider assigned to your company's account 040758885882
Instance ID Cloud provider's instance identifier i-010c0019a16e292b8
Name Name of the cloud account such as sa-account sa-account
AWS Target Identifies AWS assessment targets (collections of AWS resources) for which you want to evaluate the security state
Agent Health Indicates the health of the AWS security assessment service running on the AWS agent
Last Scan Time of the last health check


Inventory Tab

One record displays. It represents the one virtual machine instance in AWS cloud.




Data Type Description
Provider Name of the cloud provider aws
Account ID Account number the cloud provider assigned to your company's account 040758885882
Instance ID Cloud provider's instance identifier i-010c0019a16e292b8
Public IP Address IPv4 address of the instance 172.18.10.124
Public MAC Address MAC address of the instance 0e:28:30:20:73:c8
Name Name of the cloud account such as sa-account sa-account
Provider Name of the cloud provider
Account ID Account number cloud provider assigned to your company's account
Instance ID Unique identifier of an instance
Public IP Address IPv4 address of instance
Public MAC Address MAC address of instance
Name Name of the AWS cloud account such as sa-account
Region Geographic area in which the instance is running
VPC ID Amazon Virtual Private Cloud identifier
Risks List of security risks for instance
Security Group Risk Number of Security Group Violations
Subnet Route Risk Number of subnet route risks. The cell will be empty when there aren't any subnet route risks

Security Tab

Each record describes one security group violation. The risks column identifies why the security configuration has been flagged by Cloud Scout as a violation.


Data Type Description
Security Group ID Unique security group identifier generated by Amazon to identify a security group.
Description User-populated field in AWS
Risks Description of a violation
VPC ID Unique identifier generated by Amazon to identify an Amazon Virtual Private Cloud
IPv4 Range The range of IPv4 addresses to which a rule applies
IPv6 Range The range of IPv6 addresses to which a rule applies
Direction Indicates whether the violation occurs going outbound or inbound

Src Port Origination port from which traffic to instance is allowed
Dest Port Destination port to which traffic from instance is allowed
Protocol The network protocol over which the traffic is allowed

Interface Tab



Data Type Description
Public IP IPv4 or IPv6 address of interface
Index Ordinal number from AWS that identifies the interface
Description Optional field. Populates with the description user provided in AWS

MAC Address MAC address of interface
Network Interface ID Unique identifier generated by AWS
Interface Status Current status of the network interface
Subnet ID Unique identifier of the subnet as identified by AWS
VPC ID Identifier for the Virtual Private Cloud to which the interface belongs.
Private IP Address IP address for the network interface
Attach Status Indicator as to whether the interface is attached or not attached. Interface will only show "attached." (Asset Manager doesn't show "unattached" interfaces.)

Audit Logs

Shows the last 30 days or last 100 event notification records, whichever is smaller. To see more records, you can click Export to export the last 90 days or 10,000 records in JSON format. When you export to JSON, additional details are provided.



Data Type Description Example
Event Time Time the event was recorded in Coordinated Universal Time (UTC) format 2019-11-08T09:57:24Z
Username Identifier of the person who performed the activity that triggered an event notification AttachNetworkInterface, ModifyInstanceAttribute, RebootInstances
Region Geographic area in which the instance is running us-east-1
Event Name Event name comes from AWS DetachNetworkInterface
Event Source From web interface rather than CLI ec2.amazonaws.com
Source IP Address From web interface rather than CLI 152.193.0.98

Notes

One record displays. It represents the one virtual machine instance in AWS cloud.



Data Type Description
Security Group ID Unique security group identifier generated by Amazon to identify a security group.
Description User-populated field in AWS
Risks Description of a violation
VPC ID Unique identifier generated by Amazon to identify an Amazon Virtual Private Cloud
IPv4 Range The range of IPv4 addresses to which a rule applies
IPv6 Range The range of IPv6 addresses to which a rule applies
Direction Indicates whether the violation occurs going outbound or inbound

Src Port Origination port from which traffic to instance is allowed
Dest Port Destination port to which traffic from instance is allowed
Protocol The network protocol over which the traffic is allowed
