Resource Health Overview
Resource Health is only available to organization administrators.
Resource Health gives you visibility into the state of your cloud resources. EntryGuard continuously monitors whether it can reach and manage your resources, and surfaces issues that need attention.
How It Works
EntryGuard tracks resource health through two automated processes:
Resource Verification
Every resource is periodically verified to confirm that:
- The associated credential is valid
- The resource exists in the cloud provider
- EntryGuard has the required permissions
When a verification fails, a VERIFY_FAILED event is recorded and the resource appears as an issue on the Resource Health page.
Rule Reconciliation
EntryGuard periodically checks that all IP rules it expects to be applied on a resource actually exist in the cloud provider. This detects drift caused by:
- Manual changes in the cloud console
- Cloud provider outages
- Network issues between EntryGuard and the provider API
When reconciliation detects missing rules, it re-applies them. If it cannot reach the resource at all, a RECONCILE_FAILED event is recorded.
Smart Recovery
To avoid notification spam, EntryGuard only records recovery events (VERIFY_OK, RECONCILE_OK) when a resource transitions from a failure state back to healthy. A resource that has always been healthy generates no events.
Where to Find It
Resource Health information appears in three places:
1. Sidebar Badge
The Resource Health nav item in the sidebar shows a red badge with the count of resources that currently have issues. This badge polls every 60 seconds.
2. Dashboard Banner
When issues exist, the dashboard shows an amber warning banner with the issue count. Click the banner to navigate directly to the Resource Health page.
3. Resource Health Page
Navigate to Resource Health under the Admin section in the sidebar. This page shows:
- Green banner when all resources are healthy
- Issue cards for each resource with active problems, showing the resource name, provider, type, error message, and when the issue started
- Event history table with all health events (filterable by resource), paginated
Event Types
| Event Type | Description |
|---|---|
| VERIFY_FAILED | Resource verification check failed |
| VERIFY_OK | Resource recovered from a verification failure |
| RECONCILE_FAILED | Rule reconciliation could not reach or update the resource |
| RECONCILE_OK | Resource recovered from a reconciliation failure |
Event Retention
Health events are automatically cleaned up after 30 days. This cleanup runs daily.
Responding to Issues
When you see resource health issues:
- Check the error message — Expand the issue card to see the specific error
- Verify the credential — Navigate to Credentials and check the status
- Re-verify the resource — Go to Resources and click the verify button
- Check the cloud provider — Ensure the resource still exists and hasn't been modified
Common causes of health issues:
- Credential rotation — Access keys were rotated in the cloud provider but not updated in EntryGuard
- Resource deletion — The resource was deleted in the cloud console
- Permission changes — IAM policies were modified, removing required permissions
- Network issues — Temporary connectivity problems to the provider API (usually self-resolving)
Next Steps
API Reference: For programmatic access, see Resource Health API.