Skip to content

Security


Overview

Security is one of the five pillars of CloudAEye design. This topic describes security for CloudAEye SaaS.

Well-Architected Framework

CloudAEye SaaS follows AWS Well-Architected Framework. Our design principles include important topics such as "principle of least privilege and enforce separation of duties with appropriate authorization for each interaction", "apply security at all layers", "protect data in transit and at rest", "automate security best practices", etc.

Identity and Access Management

Priviledge management is done using centralized identity and access management. All human identities and access are managed using role based access control (RBAC) policies. All machine identities are controled using AWS access key concept.

Security During Agent to SaaS Communication

To secure the communiction while logs and metrics services agents send data from client side to CloudAEye SaaS (server side), AWS Signature Version 4 signing process is used. In order to accomplish this, each SaaS account is provided an access key consists of one access key ID and secret access key. This access key must be kept confidential. CloudAEye adopts shared responsibility model for security. Please contact CloudAEye immidiately if your access key is compromised. CloudAEye will work with you to turn off that access key.