Note |
---|
To fully use this screen, you must add the following permissions to your account:
|
Anchor Overview Overview
Overview | |
Overview |
You can use the Cloud Connections screen to sync your public cloud account into the Armor Management Portal (AMP). Afterwards, you can use AMP to:
- Collect and store logs with the Log Relay add-on product
View the security status of your instance in the Virtual Machines screen
Note While all instances from your public cloud account will appear in the Virtual Machines screen, you should only focus on the security status for the instances that contain the Armor agent.
- Add AWS Security Hub feature to your public cloud account.
Review Cloud Connections
...
The Cloud Connections screen displays the public cloud accounts you have synced.
Column | Description |
---|---|
Account Name | This column displays the descriptive name for your account. You can also click the arrow to see which Armor services are associated with the account. |
Provider | This column displays the public cloud provider. |
Account ID | This column displays the ID for your public cloud account. |
Status | This column displays the connection status between your Armor accounts and your public cloud account. |
...
You can use the Cloud Connections screen to sync your AWS public cloud environment with the Armor Management Portal (AMP).
To complete these instructions, you must be able to access your AWS console.
Note |
---|
Armor will generate an External ID for every new Cloud Connection account. As result, an incomplete cloud connection account will be listed in the table as (Pending Connection). You can click this entry in order to continue with the cloud connection creation process. |
...
- In the Armor Management Portal (AMP), in the left-side navigation, click Account.
- Click Cloud Connections.
- Click the plus ( + ) icon.
- In Account Name, enter a descriptive name.
- In Description, enter a short description.
- In Services, select the desired services.
- In IAM Role, copy the External ID. You will need this information at a later step.
- The Armor's AWS Account Number and External ID fields are pre-populated.
- Access the AWS console.
- Under Security, Identity & Compliance, click IAM.
- In the left-side navigation, click Roles.
- Click Create role.
- Under Select role type, select Another AWS account.
- In Account ID, enter 679703615338.
- Mark Require external ID.
- In field that appears, paste the External ID you copied earlier from the Armor Management Portal (AMP).
- Do not mark Require MFA.
- Click Next: Permissions.
- Locate and mark the SecurityAudit policy.
- Locate and mark the AWSSecurityHubFullAccess policy.
- Click Next: Tags.
- Click Next: Review.
- In Role name, enter a descriptive name.
- In Role description, enter a useful description.
- Click Create role.
- Locate and select the newly created role.
- Under Summary, copy the Role ARN information.
- Return to the Cloud Connections screen in AMP.
- Paste the Role ARN information into the IAM Role ARN field.
- Click Save Cloud Connection.
- Once the newly added cloud connections gathers data, the instance will appear in the Virtual Machines screen.
...
- Post Cloud Connections
- Delete Cloud Connections
- Get Cloud Connections
- Get Cloud Connections (Status)
- Get Cloud Connections (Service Types)
Info | ||||||
---|---|---|---|---|---|---|
Anchor |
|
...