- What data is used
- Data that is stored
- Data encryption
AWS keys are stored used AES encryption, but we also promote using Amazon Cross Account Roles for allowing access. Finally, the user is free to tighten the IAM policy to whatever it is that they're comfortable with, and Hava will work past any resources that can't be identified. This of course has limits, we must be able to retrieve a rudimentary amount of the EC2 data to create anything useful.
What data is used
Hava imports users data via the AWS or Azure APIs, the basic level of information it requires to generate a useful visualization centers around the AWS EC2 service. We offer a variety of IAM policy configuration that can allow or deny access to certain calls based on the users security policy and comfort of the service. This allows for a "progressive enhancement" style algorithm depending on the access granted to certain resources.
Data that is storedHava stores metadata around each running service (i.e. resource ids, configuration values, current metrics) to allow diagrams to be identified and created. Hava imports no data from within user services, but as above, users are welcome to alter the IAM policy to allow a level of access they're comfortable with.