
CSPM-AWS Integration using IAM Role

Overview

This page explains how to get started monitoring the security posture of your cloud assets using the Cloud Security Posture Management (CSPM) feature.

Set up cloud account access

The CSPM integration requires access to AWS’s built-in SecurityAudit IAM policy in order to discover and evaluate resources in your cloud account. To provide access, we need the following:

Create IAM Role

Follow AWS’s IAM roles for Amazon EC2 documentation to create an IAM role using the IAM console, which automatically generates an instance profile.

  1. Create an IAM role:

    1. In AWS, go to your IAM dashboard. Click Roles, then Create role.
    2. On the Select trusted entity page, under Trusted entity type, select AWS service.
    3. Under Use case, select EC2. Click Next.

      The Select trusted entity screen in AWS
    4. On the Add permissions page, search for and select SecurityAudit. Click Next.

      The Add permissions screen in AWS
    5. On the Name, review, and create page, name your role, then click Create role.
  2. Attach your new IAM role to an EC2 instance:

    1. In AWS, select an EC2 instance.
    2. Select Actions > Security > Modify IAM role.

      The EC2 page in AWS
    3. On the Modify IAM role page, search for and select your new IAM role.
    4. Click Update IAM role.
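
The same two steps through the AWS CLI instead of the console, as an added example that is not part of the original page. The role name and instance ID are placeholder assumptions; unlike the console, the CLI does not generate the instance profile automatically, so the script creates it explicitly.

```shell
#!/usr/bin/env bash
# Added example: AWS CLI equivalent of the console steps above.
# ROLE_NAME and INSTANCE_ID are placeholders (assumptions), not page values.
ROLE_NAME="${ROLE_NAME:-cspm-security-audit}"
INSTANCE_ID="${INSTANCE_ID:-i-0123456789abcdef0}"
SECURITY_AUDIT_ARN="arn:aws:iam::aws:policy/SecurityAudit"

# Trust policy matching "Trusted entity type: AWS service, Use case: EC2".
trust_policy() {
  cat <<'JSON'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": { "Service": "ec2.amazonaws.com" },
    "Action": "sts:AssumeRole"
  }]
}
JSON
}

# Run a command, or only print it when DRY_RUN=1 (review before applying).
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Step 1: create the role and attach only the SecurityAudit managed policy.
create_role() {
  run aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$(trust_policy)" &&
  run aws iam attach-role-policy --role-name "$ROLE_NAME" \
    --policy-arn "$SECURITY_AUDIT_ARN"
}

# Step 2: create the instance profile by hand, then bind it to the instance.
attach_role() {
  run aws iam create-instance-profile --instance-profile-name "$ROLE_NAME" &&
  run aws iam add-role-to-instance-profile \
    --instance-profile-name "$ROLE_NAME" --role-name "$ROLE_NAME" &&
  run aws ec2 associate-iam-instance-profile --instance-id "$INSTANCE_ID" \
    --iam-instance-profile "Name=$ROLE_NAME"
}

# Check: list what is attached; expect the SecurityAudit ARN and nothing else.
verify_role() {
  run aws iam list-attached-role-policies --role-name "$ROLE_NAME" \
    --query 'AttachedPolicies[].PolicyArn' --output text
}

if [ "${1:-}" = "apply" ]; then create_role && attach_role && verify_role; fi
```

Pass `apply` as the first argument to execute the steps; with `DRY_RUN=1` set, the script only prints the commands it would run.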

Create Direct access keys

Access keys are long-term credentials for an IAM user or AWS account root user. To use access keys as credentials, you must provide the Access key ID and the Secret Access Key. After you provide credentials, finish manual setup.

For more details, refer to Access Keys and Secret Access Keys.

  • Access key ID: The first part of the access key.
  • Secret Access Key: The second part of the access key.

 

Please provide the following information to CyTech Support: 

  • Access key ID
  • Secret Access Key

source: https://www.elastic.co/guide/en/security/current/cspm-get-started.html