Back to Blog
Lucidum Community Edition – Where the Magic Begins for Asset Discovery
February 10, 2021
Lucidum Official

The Lucidum community edition helps discover all users, assets (including ephemeral applications and micro-services), and data to give you full visibility into your AWS environment. It uses a variety of machine learning algorithms to solve the “unknown unknows” problem. Lucidum’s proprietary algorithms utilize graph learning, predictive modeling, NLP, topic modeling, and other cutting-edge technologies to triangulate, detect, and classify information gathered from disparate data sources. The community edition provides the same full search capability as the Lucidum enterprise edition and allows user to explore, post questions, and get answers from the data. Some typical use cases include:

1.Identifying abandoned, idle, or low-usage EC2 instance to reduce cost

2.Identifying public-facing S3 buckets with confidential files

3.Assessing risks of assets (e.g., EC2, S3 buckets) based on multiple risk factors to enhance cloud security and controls

Lucidum’s community edition is a fully self-service product. For a free community license key, visit the Lucidum website at and tell us who you are and how to reach you. We’ll send a free community license key to your email. A typical cloud environment only takes about an hour to set up so you can start seeing results.

Getting Started
Deploying Lucidum community edition consists of three quick stages:

1.Launch the virtual machine instance with Lucidum community product

2.Access Lucidum web UI and upload the community license

3.Start data ingestion into the Lucidum platform and explore the results

In order to initially bring up the Lucidum product, we recommend using our open-source Terraform code available at our GitHub repo for easier and smoother installation: .

Lucidum utilizes Terraform as the Infrastructure-as-Code tool for deployment on the cloud.

The Terraform scripts will launch the Lucidum virtual machine instance after some quick configurations such as AWS profile, region, availability zone, trusted CIDR ranges, subnet ID, and VPC ID. An example of Terraform configuration file is shown below:

All required actual resource creations will be taken care of by Terraform. This makes for an easy “one-click” installation experience by simply executing “terraform init” and “terraform apply” commands. You should have a running VM instance with the Lucidum community product in just a few minutes.

Once the Lucidum VM instance is ready, navigate to the web UI (HTTPS://{Lucidum-VM-IP-Address}/CMDB). Upon the first visit, the UI will redirect you to the license management page where you can upload the community license you received via email.

With the valid community license, you can then trigger Lucidum Airflow to schedule a job and begin data ingestion. By default, the Lucidum community product will try to collect data from the AWS services below:

1.Asset information: EC2, ELB

2.DNS information: Route53

3.Micro-service information: EKS, ECS, Lambda

4.Metrics and Logs: CloudTrail, CloudWatch

5.Database information: DynamoDB

6.File information: S3

7.User information: IAM

8.Other contextual information: Pricing, Tags

Depending on the data volume from your cloud environment, the data ingestion process could take as little as 20 minutes or up to several hours for larger environments. After the data ingestion process is completed, you can explore the results from our asset discovery and risk evaluation engines, or build, save, and schedule your own queries to alert yourself.

For an even more detailed description and step by step instructions of this entire process, visit

Hopefully this blog will put you on the fast track to shrinking your blind spots and finding your unknown unknowns. We’d love to hear your feedback, comments, or questions, and we’re sure others would too. Please let us know what you think on our community forum ( or drop by to read what others are saying.