Cloud scan setup: AWS
Configuration: The configuration of Service Control Policies (SCPs) must be performed at the organization level in AWS using an administrator account.
Monitoring: A technical point of contact is required to remediate vulnerabilities throughout the year.
Below are the deployment steps, detailed with screenshots at each stage:
1. Select Amazon Web Services
Go to the Cloud Scan tab, then Settings, then click New provider, and select AWS.
2. Create a new policy
Below is a summary of the steps required to create a new policy:
Go to AWS policy creator using your administrator account
Click on the JSON tab and copy the policy below into the JSON editor
Click Next


Policy to copy:
Name the policy StoikAdditionalPermissions
Click Create policy at the bottom of the page


3. Create a new role
Below is a summary of the steps required to create a new role:
Go to AWS role creator
Click AWS account, then Another AWS account, and copy the following account ID: 436578779424
Select Require external ID and copy the value displayed in the Stoïk Protect console

Click Next

Select the permissions StoikAdditionalPermissions and SecurityAudit
Click Next
Enter stoik-auditor as the Role name
Click Create role




4. Add an ARN identifier
Below is a summary of the steps required to add an ARN identifier:
Go to the stoik-auditor role you just created
Copy the ARN reference into the dedicated field in the Stoïk Protect console
Click Finish in the Stoïk Protect console


5. Complete
Click Finish in the Stoïk Protect console
Refresh the Stoïk page if needed
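To check that the role from step 3 trusts only account 436578779424 and requires the external ID, the role's trust policy can be reviewed with a short script. This is an added example, not code from Stoïk; the function names are hypothetical and `EXAMPLE-EXTERNAL-ID` is a placeholder for the value shown in the Stoïk Protect console.

```python
import json

STOIK_ACCOUNT_ID = "436578779424"  # account ID from step 3 of this page
ALLOWED_PRINCIPALS = {STOIK_ACCOUNT_ID, f"arn:aws:iam::{STOIK_ACCOUNT_ID}:root"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def check_trust_policy(policy, expected_external_id):
    """Return a list of findings; an empty list means the policy matches step 3."""
    findings = []
    allows = [s for s in as_list(policy.get("Statement", []))
              if s.get("Effect") == "Allow"]
    if not allows:
        findings.append("no Allow statement: the role cannot be assumed")
    for n, stmt in enumerate(allows):
        principal = stmt.get("Principal")
        if not isinstance(principal, dict):
            findings.append(f"statement {n}: principal is {principal!r}, not an account")
            continue
        for kind, values in principal.items():
            for value in as_list(values):
                if kind != "AWS" or value not in ALLOWED_PRINCIPALS:
                    findings.append(f"statement {n}: unexpected principal {kind}={value}")
        # Condition operators and keys are compared case-insensitively here.
        string_equals = {}
        for op, block in stmt.get("Condition", {}).items():
            if op.lower() == "stringequals":
                string_equals = {k.lower(): v for k, v in block.items()}
        external_ids = as_list(string_equals.get("sts:externalid", []))
        if external_ids != [expected_external_id]:
            findings.append(f"statement {n}: sts:ExternalId missing or different")
    return findings

# Constructed samples; the external ID is a placeholder, not a real value.
EXTERNAL_ID = "EXAMPLE-EXTERNAL-ID"
GOOD = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole",
  "Principal": {"AWS": "arn:aws:iam::436578779424:root"},
  "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}}]}""")
NO_EXTERNAL_ID = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole",
  "Principal": {"AWS": "arn:aws:iam::436578779424:root"}}]}""")
WILDCARD = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole", "Principal": {"AWS": "*"},
  "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}}]}""")
```

The live document to pass in is the output of `aws iam get-role --role-name stoik-auditor --query Role.AssumeRolePolicyDocument`, parsed with `json.loads`.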

