Aqua Hub Explore
This functionality is being shown in Preview mode. It is not yet available to customers.TABLE OF CONTENTS
- Overview
- Query building blocks: resources, properties, and risks
- Access the Explore screen
- Build a query
- Start again
Overview
The Explore UI screen allows you to:
- Construct queries, with the intuitive graphical UI, about resources in your environment that fulfill the conditions that you specify. The results (a list of resources) are displayed on the screen as you enter, remove, or hide each part of the query. When you update the query, Explore updates the results displayed dynamically.
- Save your query as a policy that will continually run and discover the resources confirming to the conditions of your query. The severity you assign to each policy determines how Aqua will bring these resources to your attention for priority treatment.
Query building blocks: resources, properties, and risks
The interactive query builder interface will guide you intuitively through the construction of queries.
A query begins with resources of one given type (organized in the UI by categories). You can refine the query by the addition of zero of more of the following building blocks:
- Resources of another type, which are associated with any of the sources of the initially specified type
- Properties; these are specific to the type of resource
- Security risks that have been found on the resource
The result of the query is the list of resources that meet all of the conditions specified: associated resources of other types, resource properties, and associated security risks.
The tables below list all of building blocks currently available. Definitions for each can be displayed in the UI by hovering over the object type in the query builder (see below).
Depending on your environment, certain resource and risk types may not be available for building queries.
Resources: categories, types, and properties
| Category | Resource type | Applicable properties |
|---|---|---|
| Compute | VM | Provider (e.g., AWS, Azure, GCP), type, region, name |
| Container | Name, root, privileged | |
| Function (serverless) | Provider, type, region, name | |
| Supply Chain | Repository | Provider, name, private |
| CI Pipeline | ||
| Container Image | Provider, name | |
| Cloud | Databases | Provider, region, name |
| Storage | ||
| Other Cloud Resources | Provider, region, name |
Security risks
| Vulnerability |
| Sensitive Data |
| Misconfiguration |
| Malware |
| Incident |
| Security Check |
| Internet Exposure |
Access the Explore screen
Select the Aqua Hub module from the mega menu.
Select Explore from the left-side menu.
You will initially see a screen like this.
Build a query
- Click the Select Resource Type control to bring up the query builder pop-up window. You will see a scrollable list of resource types; as the UI indicates, you can hover over any to see its description.
- Select one of the resource types. The complete list of resources of that type will appear. If the list is very long, you can click the Load More control at the bottom of the screen (not shown here).
- You can use the Search field to filter the list by resources whose names contain the search string you enter. For example; note that the number of resources has been reduced from 125 to 8:
You can reset the list filtering by clicking the x in the Search field. - To add a building block to the query, click the + (plus sign) control near the any of the resources in the query. This will bring up the query builder pop-up window to appear (as when you started). For example:
- Select the desired building block (resource type, property, or risk type). The list of resources will be updated to show only those which meet the new condition. In this example, there is only one VM that has a malware risk:
- Repeat the previous steps as desired; the resulting query can contain any number of building blocks.
- You can click the eyeball control near any building block to temporarily disable it.
This might be useful when you have added one or more condition that results in an empty list. For example, adding the Sensitive Data risk condition to the above results in an empty list (in other words, no VMs with both malware and sensitive data risks were found by Aqua:
By hiding the Sensitive Data condition, you can temporarily disable it:
Save a query as a policy
- Click this control in the upper right of the screen:
- Fill in the require information in the fields in the panel that appears:
- Click Create.
Start again
You can click the x near the resource type to delete the current query.
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.