Before you process, please note the following:
- It may take less than 5 minutes to add an AWS Account with the Basic protection level and an additional 5 to 10 minutes to add an AWS Account with the Advanced protection level on Cloudnosys.
- You can only connect one AWS account to one cloud account (with Basic/Advanced protection level) on Cloudnosys, at a time.
Prerequisites #
Before you set up your AWS Cloud Account on Cloudnosys, you need to have:
- An AWS Cloud Account
- A user with a policy that allows admin access to AWS CloudFormation & IAM services
Choose a Protection Level #
- Navigate to the Cloud Accounts list page from the Setup module.
- Click on the Add Account button.
- Select AWS as your Cloud Account Provider.
- Give a name to your Cloud Account. Choose a name that will make it easily differentiable if you add more distinct AWS accounts on Cloudnosys.
- Select the Protection Level for your cloud account from the options given. The benefits of both options are outlined under their names.
- Click on the Next button to go to the next step.
Create Roles #
- If not already logged in to your AWS Account, log in by clicking on the “Login to AWS” button.
- Click on the “Create IAM Roles” button and then wait a bit for a new tab to open.
- If a new tab opens up, then skip to the next step. However, if a new tab does NOT get open up, then it may have gotten blocked by your browser.
- If you use Google Chrome you might see an icon in the Address Bar as shown below:
- Click on the Icon. This will display the popover shown below:
- Select the “Always allow” option
- Click on “Done”.
- Click on the “Create IAM Roles” button again.
- If you use Google Chrome you might see an icon in the Address Bar as shown below:
- In the new tab of AWS that gets opened, scroll down to the bottom of the page.
- Click on the checkbox before the statement “I acknowledge that AWS CloudFormation might create IAM resources with custom names” to mark it.
- Click on the “Create Stack” button. This will initiate the Roles Creation process.
Connect with Cloudnosys #
- Wait till all the relevant roles are created successfully, as highlighted in the image below:
- From the Output tab, copy the Role ARN created after deploying the CFT.
- Paste it in the “Cloudnosys Role ARN (RoleARN)” field.
-
- If you’re adding a Basic Protection Level cloud account then click on “Next” and skip the next section. Go straight to the Testing section.
- If you’re adding an Advanced Protection Level cloud account then follow the instruction in the next section.
Create Stack (for Advanced Protection Level only) #
The only difference between the process of adding an Advanced Protection Level cloud account and a Basic Protection Level cloud account is that of Creating a Stack.
Hence, skip this section if you are adding a Basic Protection Level cloud account.
- Choose an appropriate region to deploy the Cloudxray Stack in.
- Click on the “Deploy Stack” button and then wait a bit for a new tab to open.
- In the new tab of AWS that gets opened, scroll down to the bottom of the page and click on the “Create Stack” button. A similar process will begin as in the last section.
- Once the Stack gets deployed successfully, click on the checkbox before the statement “I acknowledge that I have deployed the Cloud Formation Template in my account & the creation of resources has been completed” to mark it.
- Click on “Next” to test the connection & add the cloud account.
Testing #
Once you are on the Testing step, Cloudnosys will automatically run a few tests to ensure that the Cloud Account got integrated properly with the intended settings.
Once the connection has been established successfully, the “Finish & Run Scan” button will become enabled.
Once you click on the “Finish & Run Scan” button, the scan will begin running instantly.