Access Management

Restricted Access

CloudRunr strictly follows AWS security best practices. We limit the cross-account role for use exclusively by CloudRunr's management account with the correct external ID.

Read-only permissions

We also restrict permissions so that CloudRunr can only access your billing data and infrastructure metadata, which excludes any application or user data. Here's an example of the information we extract from your infrastructure metadata:

Three m6i.xlarge on-demand instances have been running non-stop over the past month. 1450 GB-month of data was stored and billed for in S3 during the last month. A total of 780 GB-month of Elastic Block Storage gp3 usage was billed for the previous month. Using this data, we can identify equivalent (closest match) instances on Azure and Google Cloud and provide estimates based on the public pricing for the above usage.

App authentication and authorization

CloudRunr uses Auth0 as our authentication platform, which complies with nearly all security certifications, including GDPR, HIPAA, ISO27018, SOC II, ISO27001, and more. You can find additional information here.

Security auditing

CloudRunr partners with third-party companies to perform regular penetration testing, identifying potential security risks. We're also currently working towards obtaining SOC II certification.