Account Governance - Cloud Accounts

Introduction

The platform offers a comprehensive dashboard for Account Governance, facilitating easy management of cloud accounts and integrated tool across various cloud providers and account types. This user guide focuses primarily on the cloud accounts dashboard.

The Account Governance dashboard provides an overview of onboarded cloud accounts, allowing users to access key details about their cloud accounts and perform additional actions like fixing invalid credentials, activating/deactivating accounts, improving cost governance, and more.

Users can drill down into each of their cloud account from the Account Governance dashboard to view important metadata and the statuses of all related product features, such as cost anomaly detection, security incidents, and more. This helps users understand which features are working, degraded, or inactive, and for what reasons – and provides options for addressing issues or changing configurations when relevant.

This provides users with a centralized viewpoint of the overall health of their onboarded cloud accounts, where they can easily make any necessary configurations as well as identify and address any issues as they come up.

Navigating to Account Governance for Cloud Accounts

To access the Account Governance page, on the left menu bar, click Governance > Account Governance > Cloud Accounts.

Account Governance Dashboard Overview (Cloud Accounts)

The Account Governance > Cloud Accounts dashboard displays key details for all your cloud accounts onboarded to the platform, based on the tenant view that is selected. If no cloud accounts have been onboarded yet, the page won’t show any information and provides an option to onboard a new cloud account.

Users can switch tenants to view summaries of their onboarded accounts across different cloud providers, and can also take advantage of various functionalities like search, bulk actions, filters, column customization, and data download to benefit from enhanced usability and efficiency.

Viewing Accounts by Cloud Provider

Users can use the Account Governance dashboard screen to view summaries of onboarded accounts for different cloud providers like AWS, Azure, GCP, and OCI. The detailed view presents account-specific details in a tabular format, including account name, ID, access type, onboarding status, and more. To view the account details, click the tab corresponding to the cloud provider for which you would like to view details.

The tab of the respective cloud providers will show as per the cloud account onboarded in the platform: AWS, Azure, GCP, and OCI.

Once you’ve selected a cloud provider tab, you can also select the specific account type to view more complete details. You can view the overall summary for each cloud account type in the insights card on the top of the screen, followed by the more detailed view in the table below it.

For example, for AWS Member Accounts, the insights card on the top of the screen displays the following:

  • Accounts with Invalid Credentials: Shows how many onboarded accounts have invalid access credentials. You can click Fix It to show a filtered view of accounts with invalid credentials in the table.
  • Deactivated Accounts: Shows how many onboarded accounts are deactivated. You can click Reactivate to show a filtered view of deactivated accounts in the table.
  • Not Onboarded Accounts: Shows how many accounts are not completely onboarded yet but are detected by the platform. You can click Onboard to show a filtered view of non-onboarded cloud accounts in the table.
  • Active and Governed Accounts: Shows how many active and governed accounts are available in the platform. You can click View to show a filtered view of these cloud accounts in the table.

Note: Similar insight card options are available for the other cloud providers.

Viewing Cloud Account Details

The table view on the Account Governance dashboard page shows the full details for different onboarded cloud account types. Each row corresponds to an account, and the columns cover specific details such as Name, ID, Status, Onboarding Date, and more.

Descriptions for the table columns are explained below.

Column NameDescription
Cloud Account NameThis shows the cloud account name.
Cloud Account IDThis shows the cloud account ID pulled from the cloud provider.
Access TypeThis shows the type of access, such as Read-Only, Read-Write, etc. If you click on any access type, then you can view the Onboarding Permissions page with pillar-wise details related to your account.
Onboarding StatusThis shows the status of onboarding, such as Onboard (i.e. Not Onboarded), Onboarded, In-progress, etc. You can click the link in this column to learn more about the onboarding status details for that account.
Cloud Account StatusThis shows the cloud account status, such as Active, Deactivated, N/A (this cloud account status shows up for accounts that are not onboarded), etc.
Credential StatusThis shows the credential status of the cloud account, such as – Valid, Invalid, In Progress, etc. 

- Valid: Account credentials are validated.
- Invalid: Account credentials are not valid.
- In Progress: Account credentials are being added and after the background processes are complete, the status will change to Valid. It may take a few minutes for the credential status to update.
- Expiry: Account credentials have expired.
Product ListThis shows the platform products associated with the account, such as FinOps, SecOps, etc.
Cloud Account ScopeThis shows the scope of the cloud account.
Onboarded to TenantThis shows the tenant name under which the account was onboarded.
Onboarded ByThis shows the name of the user who onboarded the account.
Onboarded DateThis shows the date when the account was onboarded.
ActionsYou can click the three vertical dots corresponding to an account and take any of the following actions:

View: Select this option to view the account details.  This will take you to the Cloud Account Status screen. Here users can view all the details related to an account in four sections: Cloud, Prerequisites, Credentials, and Basic Settings. You can also view the product-specific tabs that were selected during onboarding and view details about permissions, process status, and the governance configuration options. The governance configurations can be changed from here anytime.

Edit: Select this option to edit the account details after the onboarding process is complete for an account. This will allow you to update any step/field that was part of onboarding an account. You will also have options to edit account governance settings.

Deactivate: Select this option to deactivate an account. A dialog box appears, and you need to select Yes/No to proceed.

Trigger FinOps Governance Report: Select this option to generate the FinOps Governance Report. A dialog box appears, and you need to select Yes/No to proceed.

Change Access Type: Select this option to change the Read-Only access type to Read-Write access type. When users select this option, a dialog box appears where the user must type “Yes” in the box that appears and then click Yes.
Note that the access type change can be done only for active accounts that have the access type as Read-Only. After the access type is changed to Read-Write, it cannot be changed back to Read-Only.

Delete: Select this option to delete the account. A dialog box appears, and you need to select Yes/No to proceed. |

📘

Note:

The field names in the Account Governance dashboard view will vary based on the cloud provider, but actions that can be taken on the account remain the same for all cloud providers. The table above lists the column names that are common for all cloud providers.

Onboarding Cloud Accounts

You can use the Onboard Now option on the top-right corner of the screen as a shortcut to onboard new cloud accounts.

Selecting Onboard Now will take users to the starting page for onboarding a new cloud account (Settings > Onboard Accounts). Users onboarding an account must follow step-by-step instructions and fill in the correct details to complete the process.

For a full walkthrough of the cloud account onboarding process and how to complete it for different cloud providers, please refer to the below user guides:

Tenant Views

Users can switch between tenant views for different cloud providers to view summaries of all the onboarded cloud accounts for a specific tenant. Selecting the All tenants drop-down option allows users to view cloud accounts across all the tenants they have access to.

For Account Admins and Tenant Admins, the global Tenant view option is applicable. With this option, whichever tenant is selected will be retained to show across different modules, sections, and pages you navigate to.

🚧

Note:

When using the Global Tenant Filter to select the All tenants option on the Account Governance page, please be aware that this will disable the Onboard Now button. This is to help ensure that each new cloud account can only be onboarded into one specific tenant at a time.

📘

Note:

  • You can use the search box to search for an account on the Account Governance dashboard.
  • You can select multiple cloud account(s) and use the Bulk Action drop-down list to take any relevant actions such as, Activate, Deactivate, and Delete on all selected accounts.
  • You can use the Filter icon (on the right side of the dashboard) to view the ADD+ option. To apply a filter click ADD+, select an option, and apply any value(s). You can select multiple options to view specific account details in the dashboard.
  • You can use the Table Column Selector icon (located at the bottom-right corner of the screen) to select/deselect the columns to be displayed on the dashboard. In the Table Column Selector dialog box, you can also organize the order of columns by dragging and dropping the column names. The column name on the top of the list appears as the first column in the dashboard and the other columns follow the order of arrangement done in Table Column Selector. After making the column settings, be sure to click Save. You can also click Reset to clear all the existing settings.
  • You can use the Download icon to download a copy of the account details (.csv format).

Cloud Account Status & Configurations View

Users can also access the Cloud Account Status & Configurations view for any onboarded cloud accounts from the Account Governance Dashboard, where they can view account details and configure/review advanced settings for the product features associated with a cloud account.

You can access the Cloud Account Status & Configurations page view by selecting the three vertical dots under the Actions column for any onboarded cloud account listed in the table view, then select View.

For a full walkthrough of the Cloud Account Status & Configurations page view and the cloud account governance configurations options available in it, please refer to the Cloud Account Status & Configurations Dashboard user guide.