Help Center/
Well-Architected Framework/
Well-Architected Framework and Practices/
Security Pillar/
Cloud Security Governance Policies/
SEC01 Cloud Security Governance Policies/
SEC01-03 Compiling an Asset List
Updated on 2025-05-22 GMT+08:00
SEC01-03 Compiling an Asset List
Sort all the cloud resources involved in workloads, such as servers, IP addresses, domain names, databases, and certificates, and label the resources. In this way, you can quickly locate resources with security risks if a security incident occurs.
- Risk level
High
- Key strategies
- Consistency between the development state and runtime state: Implement cloud service resources based on the architecture design and documents. The architecture of the running workload should always be the same as designed.
- Automatic asset stocktaking: Use security cloud services or tools to automatically discover and record cloud resources, including servers, storage, databases, and networks. This ensures the asset list is up-to-date and accurate.
- Tags and metadata: Use tags and metadata to classify and describe cloud resources to better organize and manage resource lists. Tags can be used to quickly identify and filter resources, facilitating monitoring and security audit.
- Related cloud services and tools
- InnoStage Workbench: This solution workbench can assist in the visualized design of the cloud architecture.
- SecMaster: SecMaster can automatically count assets on the cloud, flexibly manage diverse assets outside the cloud, and display the real-time security status of assets.
- Config
- Tag Management Service (TMS)
Parent topic: SEC01 Cloud Security Governance Policies
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
