1. The Need for Automated Cloud Governance
Maintaining a secure and cost-effective AWS environment manually is virtually impossible as your infrastructure scales. By leveraging Sunbird Insyte, teams can instantly identify security vulnerabilities and FinOps optimisation targets through a unified dashboard. Let's break down how simple it is to run a comprehensive scan of your cloud infrastructure.
2. Running Your First Infrastructure Audit
To begin, navigate to the Infrastructure Audits section in the Sunbird Insyte
console. From there, click the Run Audit Scan button. A configuration modal will
prompt you to select your target AWS region. In our example, we select us-east-1 and
click Confirm & Run.
The system will queue your scan for processing. After a few moments, clicking Refresh Scan Status will update the status indicator to a green "Succeeded", confirming that your environment data has been successfully ingested and analysed.
3. Reviewing Security Vulnerabilities
With the scan complete, head over to the Security tab located under the Governance menu. The Security Posture dashboard immediately highlights the risk overview.
For example, a typical audit might reveal a total of 135 findings, with a specific focus on 5 Critical Risks. The dashboard clearly flags severe issues, such as:
- AWSLAMBDA: Potential secrets found in Lambda function source code (e.g., hardcoded Secret Keywords).
- ECS: Potential secrets detected within ECS task definition environment variables.
- IAM: Highly permissive policies attached directly to users, or overly broad administrative access.
- S3: Buckets with public-read access policies exposing data to the public internet.
4. Uncovering FinOps Opportunities
Cloud optimisation isn't just about security; it's also about managing costs. Switching to the FinOps tab provides deep visibility into your cloud spend. The dashboard displays a straightforward Cost Insights panel showcasing the current 30-day cost—such as $29.00 in our demo environment—alongside the forecasted spend.
Below the overview, Sunbird Insyte breaks down your cost distribution across different AWS services and maps them directly to actionable Strategy Overviews. Some highly effective recommendations generated by the platform include:
- Right-sizing task allocations and utilizing Fargate Spot for ECS workloads.
- Monitoring utilisation and right-sizing based on precise metrics for EC2.
- Implementing S3 Lifecycle policies and storage tiering for long-term storage.
5. Exporting Actionable PDFs
The real value of an audit is in how easily the data can be shared with stakeholders and engineers. On both the Security and FinOps pages, Sunbird Insyte provides an Export PDF Report button. Clicking this generates a beautifully formatted, comprehensive PDF document outlining every finding, risk analysis, and FinOps recommendation ready to be saved and distributed.
Stop guessing about your cloud security posture and monthly bill. Try running your first automated audit today with Sunbird Insyte.