CloudRunr Documentation

Access Management


Last updated 9 months ago

Restricted Access

CloudRunr strictly follows AWS security best practices. The cross-account role can be used only by CloudRunr's management account, and only with the correct external ID.

Read-only permissions

We also restrict permissions so that CloudRunr can only access your billing data and infrastructure metadata, which excludes any application or user data. Here's an example of the information we extract from your infrastructure metadata:

  • Three m6i.xlarge on-demand instances have been running non-stop over the past month.
  • 1450 GB-month of data was stored and billed for in S3 during the last month.
  • A total of 780 GB-month of Elastic Block Storage gp3 usage was billed for the previous month.

Using this data, we can identify equivalent (closest match) instances on Azure and Google Cloud and provide estimates based on the public pricing for the above usage.
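The following added example, which is not CloudRunr's own code or policy, audits a role's trust policy for the account and external ID restriction described under Restricted Access, and a permissions policy for the read-only, metadata-only scope described in this section. The account ID, external ID, policy contents and all function names are assumptions made for the example.

```python
import fnmatch

# Constructed sample values and policies (placeholders, not CloudRunr's real IDs or policy).
VENDOR_ACCOUNT = "111122223333"
EXTERNAL_ID = "example-external-id"
TRUST_POLICY = {"Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": f"arn:aws:iam::{VENDOR_ACCOUNT}:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": EXTERNAL_ID}}}]}
PERMISSIONS_POLICY = {"Statement": [{
    "Effect": "Allow", "Resource": "*",
    "Action": ["ce:GetCostAndUsage", "ec2:DescribeInstances", "s3:ListAllMyBuckets"]}]}

READ_VERBS = ("get", "list", "describe")
# Read actions that return application or user data rather than metadata.
DATA_READS = ("s3:getobject", "dynamodb:getitem", "secretsmanager:getsecretvalue")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _allow_statements(policy):
    return [s for s in _as_list(policy.get("Statement", [])) if s.get("Effect") == "Allow"]

def audit_trust(policy, account, external_id):
    """Return findings for Allow statements that widen who may assume the role."""
    findings = []
    for st in _allow_statements(policy):
        principal = st.get("Principal", {})
        if not isinstance(principal, dict) or set(principal) != {"AWS"}:
            findings.append(f"principal is not a specific AWS account: {principal!r}")
        else:
            for arn in _as_list(principal["AWS"]):
                if arn != account and not arn.startswith(f"arn:aws:iam::{account}:"):
                    findings.append(f"unexpected principal: {arn}")
        ids = st.get("Condition", {}).get("StringEquals", {}).get("sts:ExternalId", [])
        if _as_list(ids) != [external_id]:
            findings.append("missing or wrong sts:ExternalId condition")
    return findings

def audit_read_only(policy):
    """Return findings for Allow actions that write, or that read data contents."""
    findings = []
    for st in _allow_statements(policy):
        for action in _as_list(st.get("Action", ["*"])):  # no Action key: treat as wildcard
            pattern = action.lower()
            if not pattern.split(":", 1)[-1].startswith(READ_VERBS):
                findings.append(f"not read-only: {action}")
            elif any(fnmatch.fnmatchcase(d, pattern) for d in DATA_READS):
                findings.append(f"reads data contents: {action}")
    return findings
```

An empty list from both functions means the role matches the restrictions described; a wildcard such as `s3:Get*` is reported because it would also cover object contents.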

App authentication and authorization

CloudRunr uses Auth0 as our authentication platform, which complies with nearly all security certifications, including GDPR, HIPAA, ISO27018, SOC II, ISO27001, and more. You can find additional information here.

Security auditing

CloudRunr partners with third-party companies to perform regular penetration testing, identifying potential security risks. We're also currently working towards obtaining SOC II certification.