Skip to main content
Skip table of contents

Rapid7 InsightCloudSec

What is Rapid7 InsightCloudSec?

Rapid7 InsightCloudSec is a fully-integrated cloud-native security platform CNAPP (Cloud Native Application Protection Platform). InsightCloudSec provides continuous security and compliance of your cloud environment with a fully-integrated cloud-native security solution.

Why Should You Use the Rapid7 InsightCloudSec Connector?

The Rapid7 InsightCloudSec connector provides visibility into devices and applications in your environment. You can use this visibility to:

  • ensure assets and users are managed per your security policies

  • derive relationships between assets and users

How Does This Connector Work?

Lucidum executes read-only requests to the Rapid7 InsightCloudSec REST API and ingests only meta-data about Rapid7 InsightCloudSec applications and devices. Lucidum does not retrieve any data stored on InsightCloudSec.

Configuring the Connector in Lucidum

Field

Description

Example

URL

URL of the API for InsightCloudSec

https://my.insightcloudsec.com/v2

API Key

The API Key for:

  • a basic user that has read-only access

JxyODZ7fzLiNgfvsdjepZo6UgOV1o2fBeWN5gvQ4LZsCOkbDL8s

Threads

Number of parallel API threads to spawn in Lucidum to retrieve data from InsightCloudSec.

Default value is 8.

8

Enriched Resource Types

Resources for which you want very broad and detailed data. For details on enriched data, see https://docs.rapid7.com/insightcloudsec/api/v3/#operation/initiate-iac-scan

Retrieving enriched data might burden your InsightCloudSec system, so use this feature judiciously.

By default, only the instance resource is included in this field.

Specify the resource name as it is used in the API (usually all lowercase and no spaces). To get a list of resource names via the API: https://docs.rapid7.com/insightcloudsec/api/v3/#operation/query-resources-v3-etl

instance

User Resource Types

User data to ingest from InsightCloudSec.

List the user-related resources you want to inges, usually found in the Identity & Management category. https://docs.rapid7.com/insightcloudsec/resource-type-categories/#identity-management

Specify the resource name as it is used in the API (usually all lowercase and no spaces). To get a list of resource names via the API: https://docs.rapid7.com/insightcloudsec/api/v3/#operation/query-resources-v3-etl

federatedgroup, federateduser, userpool

Excluded Resource Types

Resource types to exclude from ingestion. Lucidum will not ingest data from these resources.

To improve performance, you can excluding resources and speed up the data ingestion process.

Specify the resource name as it is used in the API (usually all lowercase and no spaces). To get a list of resource names via the API: https://docs.rapid7.com/insightcloudsec/api/v3/#operation/query-resources-v3-etl

containerimage

Entering Resource Names

To enter a resource name in the Enriched Resource Types, User Resource Types, or Excluded Resource Types fields:

  1. Specify the resource name as it is used in the API (usually all lowercase and no spaces). To get a list of resource names via the API, https://docs.rapid7.com/insightcloudsec/api/v3/#operation/query-resources-v3-etl

  2. Put your cursor in the field.

  3. Enter the resource name. Press Enter.

  4. The resource name appears in the field.

  5. You can add more resources to the field, using steps 2-4..

Source Documentation

Creating Credentials

To create a basic user with read-only access, follow the links below. Specify Local Authentication > API Key.

Required Permissions

Object

Permissions

Entitlement

Viewer

Role Permission

Global Access

API Documentation

https://docs.rapid7.com/insightcloudsec/api/v2/#operation/user-list

https://docs.rapid7.com/insightcloudsec/api/v3/#operation/query-resources-v3-etl

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.