Define an application individually
This topic explains how to manually define an individual application in Illumio Cloud. To automatically define an application with application discovery rules, to edit application definitions, or to export application definition reports, see Define an Application Automatically.
For an explanation of Cloud application definitions and how they relate to deployments, see Deployments and Applications.
Prerequisites
Before you define an application, you must have onboarded at least one cloud account. Defining a deployment is optional. For information about defining a deployment, see Define a Deployment.
Define Applications Individually (Manually)
From the left navigation, choose Application Discovery > Application Definitions.
Click Add. A page with the fields to define the application appears.
Enter a name and description (optional) for the application.
This name is what appears in Cloud. The name should be descriptive so that you can easily identify it in Cloud.
Though optional, providing a description helps other members of your organization understand the purpose of this application.
Click Add Resources Using Cloud Metadata.
Cloud metadata contains information about the instances of your running cloud resources and can include subnets and virtual networks. Cloud obtains your cloud tags directly from your cloud accounts. This data is the label that you assigned to a cloud resource along with an optional tag value.
You do not define your application instances using Illumio Cloud labels. Your applications are defined for Cloud purely based on cloud properties.
The Application Definition dialog box appears.
In the top-most drop-down list, choose whether to use cloud tags, virtual networks and subnets, or accounts to define the application.
In the Filter By Cloud Accounts field, select the accounts that are hosting the application resources. Continue selecting accounts until you've specified them all. To clear an account from the field, click backspace or click the X to clear them all.
In the Select field, select the specific tags or metadata (depending on the type your chose) that defines the application.
Tip
The list is pre-populated with values that Cloud discovered after you onboarded your cloud accounts. Depending on the size of your cloud environments, the list can get quite long. You can scroll the list to locate the values you want or type a value in the Select field to filter the list. The list refreshes with values matching your search criteria.
When done adding data, click Add to Selection. The tags or metadata move to the selected section.
You can continue this process to add as many tags or metadata as required to define this application.
When done, click Confirm Selection. The dialog box closes, and your selected tags or metadata appears in the Selected section.
If necessary, repeat the process using the other type of data until you've fully defined all resources for the application. For example, you chose to locate all the relevant clouds tags first and then repeated the process adding the relevant metadata.
Click the Auto Approve Setting toggle to ON if you want Illumio Cloud to automatically approve all discovered deployments and resources for this application. This skips the manual approval process for applications.
If you click the toggle to OFF, you must approve the application definition manually. See View and Approve an Application for information.
When you have defined the application with enough specificity, click Save.
The Application Definitions page refreshes and includes the new application: The Deployments column indicates that Cloud is discovering any defined deployments that host this application.
When the discovery process finishes, the list includes any deployments where Cloud discovered matching cloud tags or metadata.
Cloud does not populate the Deployments column if you choose not to define any for that application.
When Cloud finishes discovering your saved application definition, and your application is listed as pending approval, you can still modify the resources defined for the application. For instance, you can add or drop cloud tags in the application definition in such a way that it applies to an additional resource, and Cloud automatically re-synchronizes the application to include the new resource. Once an application is approved i.e., no longer pending, any subsequent resource modifications could trigger a new pending approval state for the application deployment.
Edit an Application Definition
You may wish to update or otherwise edit an application you have already defined. Use the following steps to do so.
From the Application Discovery > Application Definitions tab, find the application label for which you want to edit the definition.
Click View Details for the application of interest.
Click Edit. The in-application pop-up guide instructs you on how to proceed. Note that if during editing you change the Auto Approve Setting toggle, you must confirm and save to retain the toggle change.
Delete Individually Created Application Definitions
When you delete applications that are pending approval, Illumio Cloud simply deletes the application definitions.
When you delete approved applications, Illumio Cloud deletes the application definitions and the rulesets (policies) associated with the application definitions and the application instances. Illumio Cloud also disassociates any related resources from the application definitions being removed.
Delete Individually Created Application Definitions
From the left navigation, choose Application Discovery > Application Definitions. The Applications Definitions page appears and the Application Definitions tab is selected.
Select all the application definitions that you want to delete and click Remove.
A confirmation dialog box appears displaying the applications you are deleting.
Verify that you are deleting the correct applications and click Remove in the dialog box.
Delete Application Discovery Rule-Created Application Definitions
Note that deleting a discovery rule automatically deletes all application definitions associated with the rule. You may also choose to manually delete associated application definitions, as follows:
From the left navigation, choose Application Discovery > Discovery Rules. The Application Discovery page appears and the Discovery Rules tab is selected.
For the Application Discovery Rule in question, select the View Details link in its table row. The Details page for that rule appears.
In the Discovered Application Definitions section of the Details page, select all the application definitions that you want to delete and click the Remove button in the upper right of the Discovered Application Definitions section. This is different than the Remove button at the very top of the page, which is grayed-out when you select an application definition.
A confirmation dialog box appears displaying the applications you are deleting.
Verify that you are deleting the correct applications and click Remove in the dialog box.
Note
Illumio supports individual app creation including using GCP labels. Using GCP labels is not supported for Discovery Rules at this time.
Illumio recognizes GCP labels underIllumio cloud tags. This means that when you use the app discovery feature for GCP, cloud tags appear in the dropdown menu with the relevant prefix that indicates it is a GCP label. For example, cloud tags for GCP may have values like label/gcp-key:gcp-value.
Illumio supports only GCP labels at this time. Because GCP label values are optional, you may occasionally see empty tag values.
By participating in the BETA program for GCP features you agree that your company’s use of the BETA version of GCP features will be governed by Illumio’s Beta Terms and Conditions.
What's Next
Approve your application. (Each instance of the application in different deployments requires approval.) See View and Approve an Application for information.
Begin creating policy for your application. See Writing Application Policy for information.