How manage the security?

How manage the security?

In this page you will find more details on unusd security and how we handle data.

🧙 Hub and Spoke model is using the Hub and Spoke model with an AWS IAM Role on each of your AWS accounts to be able to call a few describe and list (read-only) AWS API to track your unusd resources and spending information.

The AWS IAM Role uses an ExternalId which is unique by customer, so we get rid of the confused deputy problem.

hub-spoke model

👀 Read-only permissions

You will find below the read-only actions allowed on the AWS IAM Role:

Updated on 2022-07-14

💾 Data storage

We do not persist information related to your AWS account or any confidential AWS information. we only store meta data configuration items:

  1. AWS AccountIDs
  2. Email configuration settings
  3. Webhooks (Slack / Microsoft Teams) URLs
  4. Prefered scan schedule

🔒 Encryption

We are using TLS encryption at-rest and in-transit.

Recent Articles