Governance & Security Dashboard

Owned by Kumar Desai (Unlicensed)
Last updated: May 27, 2021 by Venkataraman Padmanabhan (Unlicensed)
7 min read

Overview

With HyperCloud™ Platform (HCP) v6.5.0 release, we’ve consolidated and enhanced our Governance & Security dashboards. You will now be able to view Cost Governance and Security Compliance dashboards from a single place.

Our Governance & Security dashboards allow you to get an overview of the state of resources associated with your HCP account. You can customize your dashboard metrics by adding Governance Dashboard widgets. You can also choose how and where these widgets appear in your dashboard. Currently, the HCP supports the following dashboard widgets and features:

Note:

  • These Governance Dashboard widgets are updated once every 20 minutes.

  • You can view dashboards if you are a HCP Tenant or Administrator. You’ll not be able to view the dashboard if you are only a HCP User.

This page covers the following topics:

View Dashboard

To view the Dashboard:

  1. Login to your HCP account.

  2. Click Governance & Security.

  3. Click Dashboard.

  4. Select your account from the Account dropdown. You will see the list of your AWS and Azure (Non-CSP only) accounts.

Notes:

  • The HCP portal has a 10-minute timeout window. If you’re inactive for 10 minutes, you’ll automatically get logged out of the portal.

  • Google Cloud Platform (GCP) is not supported by GovSec in HCP version 6.5.1.

  • Cost Governance supports Google Cloud Platform (GCP), Microsoft Azure - Cloud Service Platform (CSP), and Amazon Web Services (AWS) accounts.

Change Dashboard view

You will not be able to revert to the default dashboard view once you add or resize widgets.

You can move or resize widgets on the dashboard to change the dashboard view. Once you move or resize a widget your changes are saved and you will be able to see the new view whenever you log in to the HCP portal.

Dashboard Widgets

If you are a tenant, you’ll see the list of default Governance Dashboard widgets by default when you log in for the first time.

Add Widgets to the Dashboard

You’ll see the Add Widget button to the top right of your dashboard. This feature allows you to select widgets that display custom metrics on your dashboard. To add a widget to your dashboard:

  1. From your HCP account, navigate to Governance & Security > Select Dashboard > Click Add Widget.

  2. Select your widget.

Delete a Widget

To delete a widget:

  1. From your HCP account, navigate to Governance & Security > Select Dashboard > Click on Add Widget.

  2. Click on the X next to the widget.

  3. Your changes get saved instantly.

Default Dashboard Widgets

By default, you’ll see the following widgets in your dashboard: 

Risk Score

The Risk Score widget is a gauge that indicates risk compliance. The gauge range is between 1 to 100, where a score of 100 indicates that all resources for an account are fully compliant.

We’ve enumerated the method for calculating the Risk Scorecard:

  • Risk Scorecard
    100 – Sum of the normalized risk scores for all the non-compliant resources. 

  • Normalized risk score
    The Normalized Risk score of all the rules = (Risk score of non-compliant rules * 100)/(Sum of risk scores of all the policy rules)

Example:
Let’s assume that your policy consists of two rules:

  • Rule 1 with a risk score of 7, and Rule 2 with a risk score of 8

  • Where Rule 1 is non-compliant.
    As per the above formula for calculating Normalized risk score: 
    Normalized risk score = (7*100)/(7+8) => 46.66.
    The Risk Scorecard is:
    Overall Risk Score for the policy = 100 - 46.66 => 53.33.

Violations

  • The violations widget is a doughnut chart that indicates the status of:

    • Compliant and non-compliant resources.

    • Violated Rules and Policies for your HCP account.

  • Mouseover the doughnut chart to view the details of the Policy, Resources or Rule Violations.

    • A green status signifies compliance and red signifies non-compliance.

    • You can access Policies and Rule from Policy Management in your HCP portal. 

Inventory by Region

  • The Inventory by Region widget is a global map that pins the compliant and non-compliant resources across regions. This widget becomes functional when you add an account via the Account Management Menu and perform inventory discovery.

     

  • The Inventory by Region widget pins down the compliant and non-compliant resources for a region.

    • A green circle indicates that all resources for a particular region are compliant.

    • A red circle indicates a few non-compliant resources.

  • The resource count is depicted by the size of the circle.

    • A big circle indicates a higher resource count in a region.

    • A darker shade of red indicates that there are many non-compliant resources in that region.

    • Similarly, for a green circle, a darker shade of green indicates compliant resources.

Alert

The Alerts widget displays the count of non-compliant alerts that get triggered when a policy is erroneously executed or has issues. A count of non-compliant resources is displayed in the form of alerts.

You can click individual alert messages to view them in detail.

Policies

The Policies widget lists all compliant and non-compliant policies for a HCP account.

The widget also lists the non-compliant policies within the total resources discovered.

Additional Sections

In addition to the default view, you can add and view data for these widgets in the Dashboard:

Monitoring Status

The Monitoring Status widget displays the resource status for each region. Our dashboard reports the status of your resources by continuously monitoring them.

Resources by Region

The Resources by Region widget lists the count of resources discovered per region.

Resources by Service

The Resources by Service widget displays the count of resources for services in an account.

Resources by Owner

The Resources by Owner widget displays the count of resources owned by a HCP account holder. You can view this metric if you are an IAM user or have an IAM role. Resources without unassigned or unidentified roles or users are listed as Unknown.

Non-Compliant vs Compliant Resources by Region

This widget displays a bar chart that illustrates the list of compliant and non-compliant resources for a region.

Non-Compliant vs Compliant Resources by Services

This widget displays a bar chart that illustrates compliant and non-compliant resources for a service.

Non-Compliant vs Compliant Resource by Owner

This widget provides the comparative ratio between the compliant and non-compliant resources for a HCP account holder.

Overall Security Posture

This chart provides the historical trend for the overall security posture. The graph represents the historical trend for average security posture evaluations per day. If you want to view the average security posture for a specific day, mouse over the data point against the date.

Security Posture by Policy

This widget displays the individual risk score count for all the policies for an account. It is calculated in the same way as we calculate the Risk Score for a policy.

 

© 2020 CloudSphere