While public cloud enables you to deliver applications to customers with efficiency and agility, it also places the responsibility of security in the cloud in the landscape of evolving cloud services and constantly changing resources. As security breaches due to cloud misconfigurations rise, it is important to gain visibility and proactively monitor cloud asset configurations to manage risk.

 

Introducing VMware Aria Automation for Secure Clouds Free Tier

VMware Aria Automation™ for Secure Clouds (formerly CloudHealth® SecureState™) is a real-time, contextual cloud native configuration security platform thatenables organizations to automate and scale security with ease across millions ofassets within thousands of cloud accounts. Developer and security operations teams looking for an intelligent cloud security posture management approach can get instant access to VMware Aria Automation for Secure Clouds Free Tier to improve resource visibility and reduce misconfigurations in a cloud account and a Kubernetes cluster of their choice.

Who can benefit from VMware Aria Automation for Secure Clouds Free Tier?
  • DevOps engineers
  •  Platform operations

Our unique, interconnected cloud security model

As you onboard your cloud accounts, VMware Aria Automation for Secure Clouds maps cloud objects, data and relationships, which are updated continuously to model your changing cloud environment. The service applies best practices based on predefined security and compliance benchmarks to this data lake and reports any security violations. This unique data model helps you visualize and examine any security violation detected in your cloud stack across both cloud and Kubernetes resources, and understand heightened risk due to adjacent objects’ risk posture.


It only takes a few minutes to fill a form, add a cloud account, and start using VMware Aria Automation for Secure Clouds Free Tier. Within no time, the service maps your cloud resources, relationships and metadata, giving you an easy way to search inventory and understand your cloud architecture. VMware Aria Automation for Secure Clouds Free Tier includes predefined security and compliance best practices, such as Center for Internet Security (CIS) benchmarks, to provide deep insight into misconfiguration risks.

Figure 1: An example of a Kubernetes service account associated with an IAM role andpermissions assigned to each of the workloads.

 

Key benefits

Using one platform, you can get an overview of cloud inventory and secure cloud native infrastructure with a unique ability to detect advanced misconfigurations due to relationships between cloud and Kubernetes resources. For example,Figure 1 shows that in an Amazon Elastic Kubernetes Service (EKS) cluster,a cloud identity and access management (IAM) role (cloud resources) can be attached with a Kubernetes service account (Kubernetes resources). And if you accidentally assign a high privilege cloud role with admin-level access, you could end up exposing your cloud account.

Investigate issues

  • Easily find cloud resources with simple, type-ahead search.
  • Understand relationships between cloud resources with visual graphs.
  • Inspect resource metadata and track configuration changes over time.

 

Reduce misconfigurations

  • Benchmark security and compliance posture based on the latest CIS frameworks.
  • Prioritize the most critical misconfigurations and suppress false positives.
  • Understand the security context of a misconfiguration, including the resourceblast radius.

 

Learn and collaborate

  • Get instant service access to start securing your cloud environment within minutes.
  • Learn security best practices with easy access to a rules wiki, documentation,and community support.
  • Invite team members to collaborate on your journey to minimize security risk.

 

Features by VMware Aria Automation for Secure Clouds edition

  Free Tier Enterprise
Capacity    
Assets monitored
1 cloud account and Kubernetes cluster
Unlimited
Cloud inventory
 
 
Update frequency
Daily
Near real time
Search queries
300/month
Unlimited
Data retention
30 days
13 months
Security operations
 
 
Violation risk scores
 
 
Policy suppression
 
 
Multiple users
 
 
Automated remediation
 
 
Projects with role-based access control (RBAC)
 
 
Ticketing integrations
Email and Slack
Jira Cloud, Webhook
Email, Slack, Amazon
Simple Queue Service (SQS), Splunk
Compliance
 
 
Built-in compliance benchmarks
 
 
Predefined security rules
 
 
Custom security rules
 
 
Custom compliance frameworks
 
 
Pre-scheduled reports
 
 
Support
Resources VMware docs Community support VMware docs
Community support

Dedicated customer success team
Supported clouds and services
Public clouds AWS, Azure, Google Cloud Platform
Managed Kubernetes services Amazon Elastic Kubernetes Service, Azure Kubernetes Service, Google Kubernetes Engine
Self-managed Kubernetes    
Supported resource types 350+ 350+

Who can benefit from VMware Aria Automation for Secure Clouds Free Tier?