The Cloud Map displays the following resources. For information on the resources for which Illumio CloudSecure supports policies, see Resources that Support Policy
AWS
| Resource | Category | Attached Resources on Details Panel | Map Display Notes | Flow Support |
|---|---|---|---|---|
| VPC | Network Management | Elastic Network Interface (ENI), Subnet, Virtual Private Cloud (VPC) peering, peered VPC | Displays at Region level | No |
| Subnet | Network Management | Subnet | Displays at VPC level | No |
| EC2 Instance | Compute | ENI, Subnet, VPC, Security Group (SG), Elastic IP, Elastic Block Storage (EBS) Volume, Target Group | Displays at Subnet level | Yes |
| EKS Cluster | Containers | ENI, Subnet, VPC, SG, Node Group | Displays at Region level | Yes |
| EKS Nodegroup | Containers | Cluster | Displays at Region level | No |
| VPC Endpoint | Network Routing | S3, S3 Bucket Policy, VPC, ENI, SG, Subnet | Displays at VPC level | Yes |
| RDS DB Cluster | Databases | ENI, Subnet, VPC, SG | Displays at VPC level | Yes |
| RDS DB Instance | Databases | ENI, Subnet, VPC, SG | Displays at VPC level | Yes |
| ECS Cluster | Containers | N/A | Displays at Region level | No |
| ECS Container Instance | Containers | N/A | Displays at Region level | No |
| Glacier Vault | Storage | N/A | Displays at Region level | Yes |
| ElastiCache CacheCluster | Databases | N/A | Displays at Region level | Yes |
| MemoryDB Cluster | Databases | N/A | Displays at Region level | Yes |
| Spot Fleet Request | Compute | EC2 Instance, SpotInstanceRequest | Displays at VPC level | No |
| Spot Fleet Instance Request | Compute | EC2 Instance | Displays at VPC level | No |
| S3 Bucket | Storage | Bucket Policy, VPC Endpoint, VPC, ENI, SG, Subnet | Displays at Region level | No |
| ElasticLoadBalancingV2 Load Balancer | Network Routing | ENI, Subnet, VPC, SG, Target Group | Displays at VPC level | No |
| VPC Peering | Network Management | VPC | Does not display as a resource node, but does display as a relationship | No |
| DynamoDB Table | Databases | N/A | Displays at Region level | No |
| Redshift Cluster | Data Warehouse | ENI, Subnet, VPC, VPC Endpoint, SG, Network Interface Controller (NIC) | Displays at VPC level | No |
| Lambda Function | Serverless | Subnet, VPC, SG, Key Management Services (KMS) key | Displays at VPC level | No |
| DocumentDB DB Cluster | Databases | Document DB Instance, Security Groups, KMS key | Displays at Region level | No |
| DocumentDB Instance | Databases | Document DB Cluster, Security Groups, KMS key, VPC, Subnet | Does not display as a resource node, but does display as a relationship | No |
| Transit Gateway | Network Routing | Transit Gateway Attachment, Transit Gateway Multicast Domain, Transit Gateway, VPC, Subnet, RAM Resource Share | Displays at VPC level | No |
Azure
| Resource | Category | Attached Resources on Details Panel | Map Display Notes | Flow Support |
|---|---|---|---|---|
| Virtual Network | Network Management | NIC, IP Config, Subnet | Displays at Region level | No |
| Subnet | Network Management | VNet, IP Config, NIC, Network Security Group (NSG) | Displays at VNet level | No |
| Storage Account | Storage | Private Endpoint, NIC, Subnet, VNet, NSG | Displays at Region level | No |
| Virtual Machine | Compute | NIC, NSG , IP Config, Subnet, VNet, VM ScaleSet | Displays at Subnet level | Yes |
| SQL Server | Databases | Private Endpoint, NIC, Subnet, VNet, NSG, SQL Server Database | Displays at Region level | No |
| Virtual Machine ScaleSet | Compute | VM Scaleset | Displays at Region level | No |
| Load Balancer | Compute | N/A | Displays at Region level | No |
| Private Endpoint | Network Management | NIC, Subnet, VNet, Azure PaaS resources | Displays at Subnet level | No |
| DocumentDB Database Account | Databases |
Private Endpoint, NIC, Subnet, VNet, NSG, SQL Database, DocumentDB Table, Document DB Gremlin Database, DocumentDB Cassandra Keyspace, DocumentDB Mongo Database |
Displays at Region level | No |
| DocumentDB Cassandra Cluster | Databases | N/A | Displays at Region level | No |
| DocumentDB Mongo Cluster | Databases | Private Endpoint, NIC, Subnet, VNet, NSG | Displays at Region level | No |
| DBforPostgreSQL ServerGroup V2 | Databases | Private Endpoint, NIC, Subnet, VNet, NSG | Displays at Region level | No |
| DBforPostgreSQL Flexible Server | Databases | Private Endpoint, NIC, Subnet, VNet, NSG, DBforPostgreSQL Flexible Server Database |
Displays at Region level | No |
| DBforPostgreSQL Server | Databases | Private Endpoint, NIC, Subnet, VNet, NSG, DBforPostgreSQL Server Database | Displays at Region level | No |
| Web Site | Serverless | Subnet, Web Site Function | Displays at Region level | No |
| Web Site Function | Serverless | Web Site | Displays at Region level | No |
| Virtual Network Peering | Network Management | VNet | Does not display as a resource node, but does display as a relationship | No |
| NAT Gateway | Network Management | Subnet, Public IP, Public IP Prefix | Displays at Region level | No |
| Redis Cache | Databases | VNet, Subnet, Private Endpoint | Displays at Region level | No |
NOTE:
Because CloudSecure may not always discover elastic network interfaces (ENIs), a flow search based on resource IDs will not work for the following supported resources if their Details page does not display the ENI. The workaround is to search using the IP address of the associated ENI, if known:
- AWS RDS DBInstances
- AWS RDS DBClusters
- ElasticLoadBalancingV2 load balancers
- AWS MemoryDB clusters
- AWS ElastiCache for Redis clusters
- AWS Redshift clusters
Because CloudSecure may not always discover elastic network interfaces (ENIs), a flow search based on resource IDs will not work for the following supported resources if their Details page does not display the ENI. The workaround is to search using the IP address of the associated ENI, if known:
- AWS RDS DBInstances
- AWS RDS DBClusters
- ElasticLoadBalancingV2 load balancers
- AWS MemoryDB clusters
- AWS ElastiCache for Redis clusters
- AWS Redshift clusters