Resoto Rewind: A Cloud Infrastructure Time Machine
Resoto Rewind takes snapshots of the Resoto asset inventory graph and creates a timeline of the changes to your cloud infrastructure.
Rewind is like a time machine that allows you to see what your cloud environment looked like hours, weeks, months, or even years ago.
As cloud infrastructures grow and evolve, it can be challenging to keep track of their changing state. Whether it's to meet compliance requirements, conduct audits, perform capacity forecasting, or forensic investigation—understanding the history of your cloud environment is crucial.
Rewind doesn't just give you a log of events/changes or time series data, but offers detailed snapshots of your entire cloud environment.
Why Resoto Rewind?
-
If you've ever implemented new policies or made substantial changes to your cloud setup, you know how important it is to gauge the impact of these changes.
For example, if you've just introduced a new tagging policy, you can use Rewind to compare the state of your tag policy compliance today versus a month ago.
-
Imagine facing a security breach or a hacking event.
According to the latest Mandiant® M-Trends® report, the median dwell time (time from the start of a cyber intrusion to its detection) can range from few days to as high as several months. This means an attacker may have had access to your systems for a considerable amount of time before the breach was even detected.
Investigating such incidents requires a deep dive into the state of your cloud infrastructure around the time of the incident.
Rewind can be an invaluable tool for forensic analysis, allowing you to understand exactly how your security groups, user accounts and access policies looked at the time of the breach, aiding in identifying potential vulnerabilities that were exploited.
-
Rewind is also great for capacity forecasting.
By examining the evolution of your cloud infrastructure over time, you can better understand how your infrastructure is growing and plan for future capacity needs and reserved instance purchases.
Using Resoto Rewind
Rewind introduces two new functions to Resoto: the graph command and the --at flag on the search command.
You can manually create a snapshot of your cloud infrastructure graph using the graph snapshot command and get a list of snapshots using graph list.
Use a snapshot in a search using the graph=<snapshot-name> filter on the search command or by adding the --at flag with a timestamp (e.g., --at 2021-06-20T12:00:00Z) or time delta (e.g., --at 1w).
Resoto automatically finds the snapshot closest to the specified time and uses it to perform the search.
Automated Snapshots
Rewind can create automated snapshots of your infrastructure on a schedule that you define. Set up hourly, daily, weekly, monthly, or yearly snapshots, and retain them for as long as you need.
The default schedule keeps 24 hourly, 7 daily, 4 weekly, 12 monthly, and 10 yearly snapshots.
You can edit the snapshot schedules to add custom labels (e.g., "biweekly") and tailor the snapshot schedule to your needs.
The system automatically manages these snapshots, creating new snapshots according to the schedule and deleting the oldest snapshots when the number exceeds the defined limit.
Asset Inventory Graph Export and Import
Rewind also gives you the power to export an asset inventory graph snapshot into a single file using the graph export command.
You can then import it back into the system, archive it, or import into another Resoto instance—your data is always accessible and portable.
A Look into the Future
Resoto Rewind is not just about looking into the past; it's also about preparing for the future.
By examining the state of your cloud infrastructure at different points in time, you can make more informed decisions about capacity planning, identify potential issues before they become major problems, and better understand the impact of the changes you make.
One use case on our roadmap is the ability to use Rewind to predict the future state of your cloud infrastructure.
By analyzing the evolution of your infrastructure, Rewind will be able to predict how your cloud environment will look in the future, empowering you to plan for capacity, budget, and other factors with greater accuracy.
We're thrilled to introduce Resoto Rewind and can't wait for you to try it! As always, we'd love to hear your feedback and suggestions. Chat with us on Discord or send us a message!
