Cloud based Discovery FAQ

What are the benefits of using Cloud based discovery?

Cloud based discovery is great for discovering data stores hosted on your cloud platform, such as: databases, warehouses and storage buckets, as well as their geography.

How to setup Cloud based discovery?

Cloud (and other) discovery tools are setup using the Radar tool in the application. See Instructions

Mine supports Cloud discovery for top cloud providers:

Azure - discover stores such as: Cosmos DB, SQL Server, MySQL, PostgreSQL, Blob Storage, Azure Files, Archive Storage, etc.
GCP - discover stores such as: Cloud Storage, Cloud SQL, BigQuery, BigTable, Cloud Spanner, Firestore, AlloyDB, Firebase, Filestore, etc.
AWS - Aurora, DynamoDB, RDS, DocumentDB, Relational Database Service, Neptune, Timestream, EBS, EFS, S3, etc.

What permissions does Mine require for Cloud based discovery?

Please see the table below for the permissions required depending on the provider you use.

Microsoft Azure

Permission

Usage

Global Reader

provides authority to access all resources in all of your subscription but cannot modify anything among the available subscriptions.

Read all resources and identify find databases, warehouses and storage buckets.

Microsoft Graph API permissions reference: https://learn.microsoft.com/en-us/graph/permissions-reference

Google Cloud Platform (GCP)

Permission

Usage

Viewer

Permissions for read-only actions that do not affect state, such as viewing (but not modifying) existing resources or data.

Read all resources and identify find databases, warehouses and storage buckets.

Google APIs permissions reference:

Amazon Web Services (AWS)

Permission

Usage

arn:aws:iam::aws:policy/ReadOnlyAccess

provides read-only access to all AWS services and resources.

Read all resources and identify find databases, warehouses and storage buckets.

AWS permissions reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html