During any other week, the long list of product enhancements for AWS, Azure and Google Cloud would lead off the CloudCheckr update posting, but this was no ordinary week. CloudCheckr launched our support for VMware with the CloudCheckr Migrate tool, and presented it at VMworld in Las Vegas, in the AWS booth. The free CloudCheckr Migrate tool helps VMware users calculate the correct configuration for migrating their infrastructure to AWS.
The feedback has been terrific and we’ve already made changes to the tool based on user requests. For example, even though the tool has only been available to the public for a week, we have added a CSV export capability and the overview now shows the current and maximum metrics for the cluster. Try the tool for free on our website at http://CloudCheckr.com/vmware.
CloudCheckr provides a great deal of versatility when creating budget alerts. Now we have added more flexibility for Network Usage alerts. You can now create alerts when specific AWS accounts exceed a limit for network usage, either inbound or outbound. When setting up tag mappings previously they could only be setup to map a tag or a property, but not both. Now, you can map both a tag and a property in the same mapping.
Customers love our “Fix Now” button. Even if you know how to fix a specific misconfiguration or security issue, it’s nice to be able to let CloudCheckr take care of it. This way, you don’t have to waste time on manual tasks and in many cases, you can choose to “Always Fix” an issue which means it will be fixed as soon as CloudCheckr detects it. So if a problem comes up over the weekend, it can be fixed automatically and you will see an email notification when you get back to the office. This week’s update includes Fix Now capabilities to remove the IAM user who is making unauthorized CloudTrail Access Attempts. We also added Fix Now for EBS Volumes without a recent snapshot. In those cases, a snapshot will be taken of an EBS volume on a running instance.
The data displayed within the Stale IAM Users Best Practice Check has been updated to include the creation date of that user, so you can make a judgement about what to do with that particular user. Our integration with the Center for Internet Security’s Benchmarks make it easy to get and stay compliant. We have added Best Practice Checks to accommodate the following recommendations: Maintain current contact details, ensure CloudTrail log file validation is enabled, ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket, ensure appropriate subscribers to each SNS topic, and ensure no security groups allow ingress from 0.0.0.0/0 to port 22.
An Untagged Resources report has been added to the Inventory module. This report allows you to see which resources are missing tags, or are missing specific tags. We also added Snapshots to the Managed Disk inventory report. Finally, the Virtual Machine Scale Set Summary report can display data using additional pie charts, for location and VM size. Also for Azure, we now check for Idle SQL Database Instances, so you can avoid paying for instances that have not been used in 48 hours.
GOOGLE CLOUD UPDATES
The Google Cloud Change Monitoring report now reports against changes being made to storage buckets. As we have seen with other cloud platforms, you need to carefully monitor permissions on storage buckets, so you are not making proprietary information public.
To learn more about these and other new features, check out our Support site.
Sign up for a free, 14-day trial to experience how CloudCheckr can simplify cloud cost and management for your organization.