You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/cloud-native-security/cspm-get-started-aws.asciidoc
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,7 +28,7 @@ This page explains how to get started monitoring the security posture of your cl
28
28
[[cspm-setup]]
29
29
== Set up CSPM for AWS
30
30
31
-
You can set up CSPM for AWS either by enrolling a single cloud account, or by enrolling an organization containing multiple accounts. Either way, first you will add the CSPM integration, then enable cloud account access. Two deployment technologies are available: agentless, and agent-based. <<cspm-aws-agentless, Agentless deployment>> allows you to collect cloud posture data without having to manage the deployment of an agent in your cloud. <<cspm-aws-agent-based, Agent-based deployment>> requires you to deploy and manage an agent in the cloud account you want to monitor.
31
+
You can set up CSPM for AWS either by enrolling a single cloud account, or by enrolling an organization containing multiple accounts. Either way, first you will add the CSPM integration, then enable cloud account access. Two deployment technologies are available: agentless, and agent-based. <<cspm-aws-agentless, Agentless deployment>> allows you to collect cloud posture data without having to manage the deployment of {agent} in your cloud. <<cspm-aws-agent-based, Agent-based deployment>> requires you to deploy and manage {agent} in the cloud account you want to monitor.
. Select *AWS*, then either *AWS Organization* to onboard multiple accounts, or *Single Account* to onboard an individual account.
42
42
. Give your integration a name that matches the purpose or team of the AWS account/organization you want to monitor, for example, `dev-aws-account`.
43
-
. Click **Advanced options** then select **Agentless (BETA)**.
43
+
. Click **Advanced options**, then select **Agentless (BETA)**.
44
44
. Next, you'll need to authenticate to AWS. Two methods are available:
45
-
.. Option 1: Direct access keys / CloudFormation (Recommended). Under **Preferred method** select **Direct access keys**. Expand the **Steps to Generate AWS Account Credentials** section, then follow the instructions that appear to automatically create the necessary credentials using CloudFormation.
45
+
.. Option 1: Direct access keys/CloudFormation (Recommended). Under **Preferred method**, select **Direct access keys**. Expand the **Steps to Generate AWS Account Credentials** section, then follow the displayed instructions to automatically create the necessary credentials using CloudFormation.
46
46
.. Option 2: Temporary keys. To authenticate using temporary keys, refer to the instructions for <<cspm-use-temp-credentials, temporary keys>>.
47
47
. Once you've selected an authentication method and provided all necessary credentials, click **Save and continue** to finish deployment. Your data should start to appear within a few minutes.
. Select *Azure*, then either *Azure Organization* to onboard your whole organization, or *Single Subscription* to onboard an individual subscription.
42
42
. Give your integration a name that matches the purpose or team of the Azure subscription/organization you want to monitor, for example, `dev-azure-account`.
43
-
. Click **Advanced options** then select **Agentless (BETA)**.
43
+
. Click **Advanced options**, then select **Agentless (BETA)**.
44
44
. Next, you'll need to authenticate to Azure by providing a **Client ID**, **Tenant ID**, and **Client Secret**. To learn how to generate them, refer to <<cspm-azure-client-secret, Service principal with client secret>>.
45
45
. Once you've provided the necessary credentials, click **Save and continue** to finish deployment. Your data should start to appear within a few minutes.
. Select *GCP*, then either *GCP Organization* to onboard your whole organization, or *Single Account* to onboard an individual account.
42
42
. Give your integration a name that matches the purpose or team of the GCP subscription/organization you want to monitor, for example, `dev-gcp-account`.
43
-
. Click **Advanced options** then select **Agentless (BETA)**.
43
+
. Click **Advanced options**, then select **Agentless (BETA)**.
44
44
. Next, you'll need to authenticate to GCP. Expand the **Steps to Generate GCP Account Credentials** section, then follow the instructions that appear to automatically create the necessary credentials using Google Cloud Shell.
45
45
. Once you've provided the necessary credentials, click **Save and continue** to finish deployment. Your data should start to appear within a few minutes.
. Select **Azure**, then either **Azure Organization** to onboard your whole organization, or **Single Subscription** to onboard an individual subscription.
45
45
. Give your integration a name that matches the purpose or team of the Azure subscription/organization you want to monitor, for example, `dev-azure-account`.
46
-
. Click **Advanced options** then select **Agentless (BETA)**.
46
+
. Click **Advanced options**, then select **Agentless (BETA)**.
47
47
. Next, you'll need to authenticate to Azure by providing a **Client ID**, **Tenant ID**, and **Client Secret**. To learn how to generate them, refer to <DocLinkslug="/serverless/security/cspm-get-started-azure"section="cspm-azure-client-secret"> Service principal with client secret </DocLink>.
48
48
. Once you've provided the necessary credentials, click **Save and continue** to finish deployment. Your data should start to appear within a few minutes.
1. Select **GCP**, then either **GCP Organization** to onboard your whole organization, or **Single Account** to onboard an individual account.
45
45
1. Give your integration a name that matches the purpose or team of the GCP subscription/organization you want to monitor, for example, `dev-gcp-account`.
46
-
1. Click **Advanced options** then select **Agentless (BETA)**.
46
+
1. Click **Advanced options**, then select **Agentless (BETA)**.
47
47
1. Next, you'll need to authenticate to GCP. Expand the **Steps to Generate GCP Account Credentials** section, then follow the instructions that appear to automatically create the necessary credentials using Google Cloud Shell.
48
48
1. Once you've provided the necessary credentials, click **Save and continue** to finish deployment. Your data should start to appear within a few minutes.
. Select *AWS*, then either *AWS Organization* to onboard multiple accounts, or *Single Account* to onboard an individual account.
45
45
. Give your integration a name that matches the purpose or team of the AWS account/organization you want to monitor, for example, `dev-aws-account`.
46
-
. Click **Advanced options** then select **Agentless (BETA)**.
46
+
. Click **Advanced options**, then select **Agentless (BETA)**.
47
47
. Next, you'll need to authenticate to AWS. Two methods are available:
48
48
.. Option 1: Direct access keys / CloudFormation (Recommended). Under **Preferred method** select **Direct access keys**. Expand the **Steps to Generate AWS Account Credentials** section, then follow the instructions that appear to automatically create the necessary credentials using CloudFormation.
49
49
.. Option 2: Temporary keys. To authenticate using temporary keys, refer to the instructions for <DocLinkslug="/serverless/security/cspm-get-started"section="option-3-temporary-security-credentials">Temporary keys</DocLink>
0 commit comments