Cloud Asset Context
The Censys Attack Surface Management (ASM) Cloud Connectors for AWS, GCP, and Azure and Wiz integration retrieve various pieces of contextual cloud asset data to help you identify asset ownership for easier remediation.
Cloud asset context in the ASM web console
You can see the context data for an asset by clicking the linked text in the Source column in the Inventory table view in the ASM web console.
Cloud asset context data fields
All cloud asset context data fields are collected in objects prepended with cloud.. Use these fields to build search queries that target cloud context.
These fields can also be queried via the inventory search API endpoint.
AWS cloud context data fields
| Category | Metadata | Data field name |
|---|---|---|
| Organization | ARN | cloud.aws.organization.arn |
| Organization | ID | cloud.aws.organization.id |
| Organization | Management Account ARN | cloud.aws.organization.management_account_arn |
| Organization | Management Account ID | cloud.aws.organization.management_account_id |
| Organization | Management Account Email | cloud.aws.organization.management_account_email |
| Account | ID | cloud.aws.account.id |
| Account | Name | cloud.aws.account.name |
| Account | cloud.aws.account.email | |
| Account | Contact Type (Billing, Operations, or Security) | cloud.aws.account.contacts.type |
| Account | Contact Name | cloud.aws.account.contacts.name |
| Account | Contact Email | cloud.aws.account.contacts.email |
| Account | Tags | cloud.aws.account.tags |
| Resource | ARN | cloud.aws.arn |
| Resource | VPC ID | cloud.aws.vpc_id |
| Resource | Availability Zones | cloud.aws.availability_zones |
| Resource | Region | cloud.aws.region |
| Resource | Primary DNS Name | cloud.aws.dns_name |
| Resource | DNS Names | cloud.aws.dns_names |
| Resource | Public IPs | cloud.aws.public_ips |
| Resource | Private IPs | cloud.aws.private_ips |
| Resource | Role Name | cloud.aws.role_name |
| Resource | Tags | cloud.aws.tags |
Azure cloud context data fields
| Category | Metadata | Data field name |
|---|---|---|
| Management Group | ID | cloud.azure.management_group.id |
| Management Group | Name | cloud.azure.management_group.name |
| Subscription | ID | cloud.azure.subscription.id |
| Subscription | Tenant ID | cloud.azure.subscription.tenant_id |
| Subscription | Managed by Tenants | cloud.azure.subscription.managed_by_tenants |
| Subscription | Location Placement ID | cloud.azure.subscription.location_placement_id |
| Subscription | State | cloud.azure.subscription.state |
| Subscription | Tags | cloud.azure.subscription.tags |
| Subscription | Name | cloud.azure.subscription.name |
| Resource | ID | cloud.azure.id |
| Resource | Location | cloud.azure.location |
| Resource | Tags | cloud.azure.tags |
| Resource | Resource Group | cloud.azure.resource_group |
| Resource | Type | cloud.azure.type |
| Resource | Kind | cloud.azure.kind |
| Resource | Zones | cloud.azure.zones |
| Resource | Name | cloud.azure.name |
GCP cloud context data fields
| Category | Metadata | Data field name |
|---|---|---|
| Organization | ID | cloud.gcp.organization.id |
| Project | ID | cloud.gcp.project.id |
| Project | Name | cloud.gcp.project.name |
| Project | Number | cloud.gcp.project.number |
| Resource | Full Resource Name | cloud.gcp.name |
| Resource | Display Name | cloud.gcp.display_name |
| Resource | Location | cloud.gcp.location |
| Resource | Primary DNS Name | cloud.gcp.dns_name |
| Resource | DNS Names | cloud.gcp.dns_names |
| Resource | Public IPs | cloud.gcp.public_ips |
| Resource | Private IPs | cloud.gcp.private_ips |
| Resource | KMS keys | cloud.gcp.kms_keys |
| Resource | Labels | cloud.gcp.labels |
| Resource | Tags | cloud.gcp.tags |
Wiz cloud context data fields
| Category | Metadata | Data field name |
|---|---|---|
| Exposed Entity | ID | cloud.wiz.exposed_entity.id |
| Exposed Entity | Name | cloud.wiz.exposed_entity.name |
| Exposed Entity | Type | cloud.wiz.exposed_entity.type |
| Exposed Entity | Cloud Platform | cloud.wiz.exposed_entity.cloud_platform |
| Exposed Entity | Cloud Provider | cloud.wiz.exposed_entity.cloud_provider_url |
| Exposed Entity | External ID | cloud.wiz.exposed_entity.external_id |
| Exposed Entity | Native Type | cloud.wiz.exposed_entity.native_type |
| Exposed Entity | Region | cloud.wiz.exposed_entity.region |
| Exposed Entity | Region Location | cloud.wiz.exposed_entity.region_location |
| Exposed Entity | Region Type | cloud.wiz.exposed_entity.region_type |
| Exposed Entity | Resource Group | cloud.wiz.exposed_entity.resource_group_external_id |
| Exposed Entity | Status | cloud.wiz.exposed_entity.status |
| Exposed Entity | Subscription ID | cloud.wiz.exposed_entity.subscription_external_id |
| Application Endpoints | ID | cloud.wiz.application_endpoints.id |
| Application Endpoints | Name | cloud.wiz.application_endpoints.name |
| Application Endpoints | Type | cloud.wiz.application_endpoints.type |
| Application Endpoints | Port | cloud.wiz.application_endpoints.port |
| Application Endpoints | Host | cloud.wiz.application_endpoints.host |
Updated 2 days ago