This article emphasizes the importance of knowing one's environment in cloud security, as a lack of visibility can lead to exploitation by attackers. To achieve this knowledge, five steps are outlined: mapping out the SDLC, capturing configuration attributes for resources, tying cloud resources to applications, identifying initial exploit vulnerabilities, and laying out potential attack paths. By following these steps, organizations can create comprehensive knowledge of their environment, which is a precondition for effective cloud security. This approach requires intentional and deliberate effort to build visibility into cloud systems, rather than relying on mere observation or external tools.