Map

This topic explains how to work with the Map, found in the Cloud > Explore menu. For information on navigating the Map, see Cloud Map navigation.

For a list of resources you can view on the Map, see Illumio visibility for resource types. For a list of resources against which you can write policy, see Policy Enforcement and Resource Types.

What is the Map?

Organizations can find it difficult to understand their cloud topology. For example, understanding the relationships between the objects and related components such as security groups, tags, and other metadata in your cloud accounts is challenging. Cloud is designed to handle this challenge. Cloud analyzes these relationships to provide a view of assets with proper cloud hierarchy.

The Map displays a view of your cloud inventory as a network topology map for the your infrastructure. The map displays the relationships between your resources by using cloud native constructs. Go to the Map to view your entire state of cloud resources from the cloud accounts you have onboarded.

Use the Map to view your topology and analyze the traffic flow data. The map helps you visualize your resources and provides an understanding of the traffic flows between them.

Illumio synchronizes the data in cloud accounts you have onboarded, and displays the data in the Inventory, Traffic, and Map pages.

How the Map is organized

Using the Infrastructure View

Cloud organizes the Infrastructure View first by cloud — AWS, Azure, etc. Each public cloud has its own grouping in the Map.

The Map organization continues to get progressively more granular and displays resources in this hierarchy:

Region (Location) → VPC (VNet) → Subnet → Resources

The Map displays your resources within the regions. This example shows us-west-2 region in your AWS 13########## account.

When you zoom in to view a region, you see you the number of resources in that region. The Map tells you the count of the resources.

Each region of the Map contains the following types of objects:

Cloud hierarchy combo
This can be a cloud, account, region, VPC, or subnet that contains other resources. For example, a VPC combo can contain a subnet, and a subnet combo can contain an EC2 instance.
Resource combo
This is a group of resources of the same type, indicated with a number.
Resource node
This is an individual resource.

Limitations for using the Map

When the Map loads, there are limits on the number of objects it displays.

Resources: 2,000 objects
Traffic: 10,000 flows

These display limitations are not configurable. After you onboard your cloud accounts, Cloud discovers all their resources. To provide optimal display performance, Illumio sets these display limitations. These limitations are a UI limitation only. You can filter your Map to retrieve data about resources that aren't initially displayed when you elect to view your full Map. See Navigating the Cloud Map Infrastructure View for information.

When you encounter this display limitation, the Map includes a information message informing you to filter your Map to see more resources. For example, the following message indicates the current Map view is not displaying all traffic flows.

When the Map has more than 100 objects, by default it collapses the view for usability rather than displaying all objects.

Map

What is the Map?

How the Map is organized

Using the Infrastructure View

Limitations for using the Map

Traffic flow ingestion limitations

Search results