Log in to the Cloud Security portal using your credentials: https://acs-us.clouddefenseai.com/
After logging in, open "Administration" -> "Environment" -> "Add New Environment".
Click on "AWS"
There are 2 ways to link an AWS account:
- Using CloudFormation Template
- Providing Access and Secret Keys
Prerequisites:
- Make sure the AWS IAM user you'll use to create the CloudFormation Stack has the following permissions attached: AmazonSNSFullAccess, AWSCloudFormationFullAccess and IAMFullAccess.
Start by giving the account a name. You can use any name. Labels help you identify the account. Some examples of labels are: US PROD, Dev server, etc.
Give your organization a name. An organization is where you can add multiple AWS accounts.
This is where you need to decide on the policies. You will see 3 checkboxes there:
- Minimum required policy: This is the minimum (read-only) policy we need to evaluate your resources. We will attach the SecurityAudit and AWSSSODirectoryReadOnly policies to get information about your cloud users, policies, resources and their configurations, and Identity store data. This helps us provide you with CSPM, Compliance, CIEM, Attack-Path-Graph, and more. To check what actions can be performed by CloudDefense if this policy is attached, click here.
- Required policy for Workload Scan: CloudDefense.AI can scan servers in your cloud environment for vulnerabilities, malware, etc. To achieve this without slowing down your running workloads, we use side scanning. To enable this feature, check this box. Enabling this feature grants us permission to associate AmazonEC2FullAccess with a role that we will create to interact with your account. To check what actions can be performed by CloudDefense if this policy is attached, click here.
- Required policy for Agentless Cloud Threat Detection: CloudDefense.AI uses AmazonS3ReadOnlyAccess, which enables us to detect threats and anomalies in near real-time in your cloud environment without installing agents. To enable this feature, check this box. To check what actions can be performed by CloudDefense if this policy is attached, click here.
We will only scan the regions that you choose here. You can choose any specific region or all regions. This selection can be changed later.
Please review the details of the generated CloudFormation policy by clicking on the hyperlink on this page.
Click the “Create Cloud Formation Template” button.
On the AWS screen, follow these steps to finish adding the CloudFormation policy:
- Select the check box “I acknowledge that AWS CloudFormation might create IAM resources with custom names.”
- Click the Create Stack button.
[Not preferred] Manually Providing AWS Access and Secret Keys
Step 1: Provide Access and Secret Keys
If you want to use AWS Access and Secret keys to link your account, you can do so. Click on the manual tab from the top and input the AWS Access key and Secret key.
Make sure that the IAM user has these minimum required policies attached:
- SecurityAudit
- AWSSSODirectoryReadOnly
- AmazonS3ReadOnlyAccess
You can check the instructions from the right side panel.
Start by giving the account a name. You can use any name. Labels help you identify the account. Some examples of labels are: US PROD, Dev server, etc.
Now give your organization a name. An organization is where you can add multiple AWS accounts.
We will only scan the regions that you choose here. You can choose any specific region or all regions.
Once done, click Connect account. Once the account is added, the scan will start automatically.
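Before entering keys or creating the stack, you can confirm that the IAM user carries exactly the policies named in the Prerequisites and in the access-key steps above. The script below is an added example, not CloudDefense code: it audits the JSON printed by `aws iam list-attached-user-policies --user-name <user>`. The profile names, the function name and the sample data are assumptions made for illustration.

```python
import json
import re

# Policy names come from this article; the profile labels are hypothetical.
REQUIRED = {
    "cloudformation-deployer": {"AmazonSNSFullAccess",
                                "AWSCloudFormationFullAccess",
                                "IAMFullAccess"},
    "access-key-user": {"SecurityAudit",
                        "AWSSSODirectoryReadOnly",
                        "AmazonS3ReadOnlyAccess"},
}
# AWS-managed policies are owned by the "aws" account in every partition.
AWS_MANAGED = re.compile(r"^arn:aws[a-z-]*:iam::aws:policy/")


def audit_attached_policies(cli_json: str, profile: str) -> dict:
    """Compare list-attached-user-policies output with a required set.

    Only policies attached directly to the user are visible here;
    group-inherited and inline policies need their own list calls.
    """
    required = REQUIRED[profile]
    attached = json.loads(cli_json).get("AttachedPolicies", [])
    managed, lookalikes = set(), set()
    for policy in attached:
        name, arn = policy["PolicyName"], policy["PolicyArn"]
        if AWS_MANAGED.match(arn):
            managed.add(name)
        elif name in required:
            # Customer-managed policy reusing a required name: contents unknown.
            lookalikes.add(arn)
    return {
        "ok": required <= managed,
        "missing": sorted(required - managed),
        "extra": sorted({p["PolicyName"] for p in attached} - required),
        "lookalikes": sorted(lookalikes),
    }


# Constructed sample: one required policy, one same-named customer-managed
# copy, and one policy beyond the minimum set (account ID is a placeholder).
SAMPLE = json.dumps({"AttachedPolicies": [
    {"PolicyName": "SecurityAudit",
     "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit"},
    {"PolicyName": "AmazonS3ReadOnlyAccess",
     "PolicyArn": "arn:aws:iam::111122223333:policy/AmazonS3ReadOnlyAccess"},
    {"PolicyName": "AdministratorAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"},
]})

if __name__ == "__main__":
    print(audit_attached_policies(SAMPLE, "access-key-user"))
```

Anything reported under "extra" is privilege beyond the minimum set listed above and is worth removing before long-lived keys for that user are shared with a third party.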