In Cloud Computing This Week [Sep 25th 2020]
This week's roundup of all the cloud news.
Quite a bit of activity from the big 3 cloud...
In most instances, you don't need to.
Hava is a cloud-based SaaS, so you just need to enter your read-only credentials generated in your cloud accounts and you're good to go.
Yes - Enterprise clients can host their own copy of hava in the situation where company policy or security requirements prevent 3rd party cloud account access.
Hava connects to your AWS, GCP and Azure Accounts using a cross-account role or set of read-only credentials. It then polls your configuration settings and renders new diagrams every time your cloud configuration changes.
Currently hava will diagram and monitor AWS, GCP and Azure. As other cloud vendors gain market share, they may be added in the future.
We need an AWS cross-account role or a set of Azure or GCP read-only credentials to securely connect hava to your cloud config data.
We store these using AES Encryption.
You can also apply policy rules to these credentials to restrict access to anything you don't want hava to document.
Hava reads resource configuration data only via the cloud provider APIs.
We pull the minimum amount of data to establish what resources are configured and how they are connected.
Hava does not read user data or database content.
Any ultra-sensitive data you want to deny access to can be blocked via custom IAM policies.
You can chat to our security team on what you do & don't want to visualize on your network diagrams.
Hava stores metadata related to each running service such as resource ids, config values and current metrics that are required to build current up to date diagrams. We also store snapshots to build historical "Versions" history so you can see the state of your cloud infrastructure at any point in time.
Hava does not read or store any data from within user services or resources.
Any access you wish to deny can be configured within custom IAM/Credential policies of the various cloud provider data sources.
RDS is configured to store all data at rest.
Column level encryption of credential key pairs are also encrypted separately to ensure the cannot be read without a private key from the application server.
This protects against any potential packet injection attacks at an SQL level.
Hava provides 100% accurate interactive diagrams.
Once you have the ability to add or remove resources, the resulting diagram and documentation no longer represent the truth.
Because hava diagrams are generated for the source of truth they stand up to any scrutiny and compliance audit process.
Yes and No!
The interactive diagrams within the application are not editable to ensure the integrity of the diagrams.
You can however export the diagrams as images, pdfs, Visio drawings, CSV and even cloudformation JSON.
If you really want to go to town, the hava API will allow you to pull your hava config data to build your own diagrams and reports.
If you have a personal plan, you should probably import every time you change your infrastructure.
On business, professional and enterprise subscriptions, hava takes care of everything.
Your environments are polled hourly. If a change is detected a new set of diagrams are produced and the previous config is archived.
You can also invoke a sync manually if you have just made infrastructure changes and want to see them visualized prior to the next scheduled sync.
Hava maintains a version history, so you can open interactive diagrams from any point since you connected your cloud accounts.
This allows you to compare now to then and see what changed, which could be invaluable if a problem crops up in your network.
The hava API is available on the business and self hosted enterprise plans.
API documentation is available for subscribers on the eligible subscription levels.
When you are part of a large organisation, sometimes your team just needs to focus on one account or network segment containing your project.
Hava allows you to pin environments to the top of the dashboard and switch off the data sources you're not interested in.
When you connect your cloud, hava visualizes the major resources, logically laid out by VPC or Virtual Network.
Instead of flooding the infrastructure diagrams with all the metadata, network cards, rule sets and security groups, hava makes that data contextual to the resource you select on the diagram.
You can view the config minutiae in the attribute panel, so you always have the data you need without a cluttered unreadable diagram.
Hava visualizes the security layer of your cloud infrastructure.
AWS has a unique security view that shows all the security groups, all the open ports and the ingress/egress data so your security team can see at a glance exactly what is going on.
Yes. We have a fully self-hosted solution for enterprise clients that delivers a fully functional service without external connections to or from the hava SaaS platform.
Yes, speak to one of our friendly customer success managers to arrange a suitable time to run through hava with your team.
You can reach us via live chat, email or phone.
You can change plans at any time by logging into app.hava.io > Account > Billing > Choose your plan.
Changes will take effect immediately bearing in mind that dropping to a lower plan will remove the benefits available on your current subscription.
You can break our hearts at anytime you wish.
Log in to app.hava.io > Account
There is a prominent red "Cancel Account" button.
Log into app.hava.io. Adjacent to the "Account" menu bar option is a drop down menu.
Select "Personal Settings" > Change Password
Yes. We reduce the price of annual plans so you only pay for 10 months and get to enjoy the use of hava for the full 12.
Yes - as you can imagine the administration overhead on monthly invoicing is prohibitive, therefore we only extend Invoice arrangements to clients subscribing to an annual plan.
On request, we'll raise an invoice against your company purchase order and accept bank transfer and checks from approved clients. Chat to support if this is something you are interested in.
You have the full trial period to explore hava before billing commences.
If hava isn't a good fit for your business, cancel prior to the end of the trial period and you will not be billed.
A credit card is required to validate your account when signing up as a security measure. If you decide to keep using hava (& why wouldn't you) you don't need to do anything, our subscription processor "Stripe" will take care of everything.
We're constantly improving our SaaS platform which is built in the cloud and subject to the commercial realities everyone is exposed to.
From time to time we may reduce or need to increase existing plan pricing, or introduce new plans to better serve our customers.
That said, it is rare that pricing changes and you'll be the first to know well in advance of any planned changes.