Synchronization with Cloud: configuring the moving rule

21 May 2024

ID 199139

Expand all | Collapse all

During the Cloud environment configuration wizard operation, the Synchronize with Cloud rule is created automatically. This rule enables you to automatically move devices detected in each poll from the Unassigned devices group to the Managed devices\Cloud group, to make these devices available for centralized management. By default, the rule is active after it is created. You can disable, modify, or enforce the rule at any time.

To edit the properties of the Synchronize with Cloud rule and/or enforce the rule:

  1. In the main menu, go to Discovery & deployment → Deployment & assignmentMoving rules.

    A list of moving rules opens.

  2. In the list of moving rules, select Synchronize with cloud.

    The rule properties window opens.

  3. If necessary, specify the following settings in the Rule conditions tab, in the Cloud segments tab:
    • Device is in a cloud segment
    • Include child objects
    • Move devices from nested objects to corresponding subgroups
    • Create subgroups corresponding to containers of newly detected devices
    • Delete subgroups for which no match is found in the cloud segments

    If you enabled the Synchronize administration groups with cloud structure option when using the Cloud environment configuration wizard, the Synchronize with cloud rule is created with the Create subgroups corresponding to containers of newly detected devices and Delete subgroups for which no match is found in the cloud segments options enabled.

    If you did not enable the Synchronize administration groups with cloud structure option, the Synchronize with cloud rule is created with these options disabled (cleared). If your work with Kaspersky Security Center Cloud Console requires that the structure of subgroups in the Managed devices\Cloud subgroup matches the structure of cloud segments, enable the Create subgroups corresponding to containers of newly detected devices and Delete subgroups for which no match is found in the cloud segments options in the rule properties, and then enforce the rule.

  4. In the Device discovered by using the API drop-down list, select one of the following values:
    • No. The device cannot be detected by using the AWS, Azure, or Google API, that is, it is either outside the cloud environment, or it is in the cloud environment but for some reason it cannot be detected by using an API.
    • AWS. The device is discovered by using the AWS API, that is, the device is definitely in the AWS cloud environment.
    • Azure. The device is discovered by using the Azure API, that is, the device is definitely in the Azure cloud environment.
    • Google Cloud. The device is discovered by using the Google API, that is, the device is definitely in the Google cloud environment.
    • No value. This criterion cannot be applied.
  5. If necessary, set up other rule properties in the other sections.

The moving rule is configured.

See also:

Step 4. Segment polling and configuring synchronization with Cloud

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.