1. Docs
  2. Pulumi Insights
  3. Pulumi Insights Concepts
  4. How Pulumi Insights Account Discovery works

How Pulumi Insights Account Discovery works

    Insights Account Discovery enables organizations to gain visibility into their entire cloud infrastructure through the Pulumi Insights platform. It works by scanning cloud provider accounts and building a comprehensive inventory of resources in the Insights supergraph, regardless of how those resources were created or are currently managed.

    Here are some key concepts:

    Account management

    The Accounts page in the Pulumi Cloud console serves as the central hub for managing the Account Discovery process. From this page, you can:

    • View all configured accounts and their current scan status
    • Create new accounts
    • Monitor the progress of infrastructure discovery
    • Configure scanning settings for each account

    When you create a new account, Insights automatically generates child accounts based on your cloud provider’s structure. For AWS accounts for example, this means separate child accounts for each region you specify, allowing granular control over the discovery process.

    Resource discovery process

    Account Discovery integrates with Pulumi ESC to securely manage the credentials needed for scanning cloud resources. This integration ensures that credential management follows enterprise security best practices.

    During each scan, Insights:

    • Authenticates to your cloud provider using read-only credentials from ESC
    • Identifies resources present in your account
    • Collects detailed metadata about each resource
    • Records resource relationships and dependencies
    • Updates the Insights supergraph with the latest resource state

    Exploring Your Infrastructure

    Once scanning is complete, your resources become available through three main interfaces:

    1. Resource Explorer provides a structured view of your infrastructure, with capabilities for grouping, filtering, and sorting resources
    2. Resource Search enables you to find specific resources or groups of resources
    3. Pulumi AI assist and Copilot allows natural language queries about your infrastructure, such as “Find all public IP addresses”

    The Resource Explorer interface supports:

    • Custom grouping by dragging and dropping column headers
    • Advanced filtering through column-specific filters
    • Flexible column management for customized views
    • Direct access to resource metadata and relationships

    Resource Relationships

    Insights maintains a graph of relationships between your resources. For example, it tracks connections between:

    • S3 buckets and their associated bucket policies
    • Virtual machines and their attached storage
    • Network interfaces and security groups
      Platform Engineering Workshop Series - Register Now