Add and connect an AWS account to the Cloud Accounts app to allow Trend Vision One to provide security for your cloud assets.

Adding an AWS account to the Cloud Accounts app allows Trend Vision One to access your cloud service to provide security and visibility into your cloud assets. Some Cloud Account features have limited support for AWS regions. For more information, see AWS supported regions and limitations.
Important
The steps are valid for the AWS console as of November 2023.

Procedure

  1. Sign in to the Trend Vision One console.
  2. In the Trend Vision One console, go to Service Management > Cloud Accounts > AWS.
  3. Click Add Account.
    The Add Cloud Account window appears.
  4. Select Single AWS Account.
  5. Specify the general information for the account.
    1. Specify the Account name to display in the Cloud Accounts app.
    2. Specify a Description to display in the Cloud Accounts app.
  6. Select the AWS region for CloudFormation template deployment.
    Note
    The default region is based on your Trend Vision One region.
    Some features and permissions have limited support for some AWS regions. For more information, see AWS supported regions and limitations.
  7. Choose which Features and Permissions to enable on the account.
    • Core Features: Connect your AWS account to Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure.
    • Cloud Detections for AWS CloudTrail: Enable Cloud Detections for AWS CloudTrail in your AWS account to get actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, attempted data exfiltration, and potentially unsanctioned MFA changes.
      Note
      This feature requires additional configuration of your CloudTrail settings. For more information, see CloudTrail configuration.
    • Agentless Vulnerability & Threat Detection: Deploy Agentless Vulnerability & Threat Detection in your AWS account to discover vulnerabilities in your Amazon EC2 instances with zero impact to your applications.
      Note
      Agentless Vulnerability & Threat Detection is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release Sub-Feature Disclaimer before using the sub-features.
    • Cloud Response for AWS: Allow Trend Vision One permission to take response actions to contain incidents within your cloud account, such as revoking access for suspicious IAM users. Additional response actions leverage integration with third-party ticketing systems.
    • File Security Storage: Deploy Trend Vision One - File Security Storage in your cloud account to protect your cloud environment. File Security Storage uncovers malware so you can proactively protect your cloud storage. Select the regions where you want to deploy the File Security scanner.
      Select the AWS regions you want to deploy the feature to.
    • Real-Time Posture Monitoring: Deploy Real-Time Posture Monitoring in your AWS account to provide live monitoring with instant alerts for activities and events within your cloud environment.
      Select the AWS regions you want to deploy the feature to.
    Important
    Cloud Response for AWS and Real-Time Posture Monitoring require Cloud Detections for AWS CloudTrail to be enabled for your account.
    For more information about each feature and permission, see AWS features and permissions.
  8. Launch the CloudFormation template in the AWS console.
    1. If you want to review the stack template before launching, click Download and Review Template.
    2. Click Launch Stack.
      The AWS management console opens in a new tab and displays the Quick Create Stack screen.
  9. In the AWS management console, complete the steps in the Quick Create Stack screen.
    1. If you want to use a name other than the default, specify a new Stack name.
    2. In the Parameters section, configure the following parameters only if you have enabled Cloud Detections for AWS CloudTrail.
      • For CloudAuditLogMonitoringCloudTrailArn, provide the ARN for the CloudTrail you want to monitor.
      • For CloudAuditLogMonitoringCloudTrailSNSTopicArn, provide the ARN of the CloudTrail SNS topic.
        Important
        • The monitored CloudTrail and the CloudTrail SNS topic must be on the same account and located in the same region you selected for the template deployment.
        • Do not change any other settings in the Parameters section. CloudFormation automatically provides the settings for the parameters. Changing parameters might cause stack creation to fail.
    3. In the Capabilities section, select the following acknowledgments:
      • I acknowledge that AWS CloudFormation might create IAM resources with custom names.
      • I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND.
    4. Click Create Stack.
      The Stack details screen for the new stack appears with the Events tab displayed. Creation might take a few minutes. Click Refresh to check the progress.
  10. In the Trend Vision One console, click Done.
    The account appears in Cloud Accounts once the CloudFormation template deployment is completed. Refresh the screen to update the table.
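
The following pre-flight check for the two Cloud Detections parameters in step 9 is an added example, not part of the Trend Vision One documentation or tooling. It parses both ARNs and reports any that are not in the account and region chosen for the template deployment; the function names, the account ID and the resource names are assumptions made for illustration.

```python
import re

# Parameter names are the ones shown on the Quick Create Stack screen (step 9).
TRAIL_PARAM = "CloudAuditLogMonitoringCloudTrailArn"
TOPIC_PARAM = "CloudAuditLogMonitoringCloudTrailSNSTopicArn"

# General ARN layout: arn:partition:service:region:account-id:resource
ARN_RE = re.compile(
    r"^arn:(?P<partition>aws[a-z-]*):(?P<service>[a-z0-9-]+):"
    r"(?P<region>[a-z0-9-]+):(?P<account>\d{12}):(?P<resource>.+)$"
)

def parse_arn(arn):
    """Split a regional, account-scoped ARN into its fields (hypothetical helper)."""
    m = ARN_RE.match(arn.strip())
    if not m:
        raise ValueError(f"not a regional, account-scoped ARN: {arn!r}")
    return m.groupdict()

def preflight(params, deploy_region, deploy_account):
    """Return a list of problems; an empty list means the parameters are consistent."""
    problems = []
    # Expected service and resource prefix for each parameter.
    expected = {TRAIL_PARAM: ("cloudtrail", "trail/"), TOPIC_PARAM: ("sns", "")}
    for name, (service, prefix) in expected.items():
        value = params.get(name, "")
        try:
            arn = parse_arn(value)
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
            continue
        if arn["service"] != service or not arn["resource"].startswith(prefix):
            problems.append(f"{name}: expected a {service} ARN, got {value}")
        if arn["region"] != deploy_region:
            problems.append(f"{name}: region {arn['region']} != stack region {deploy_region}")
        if arn["account"] != deploy_account:
            problems.append(f"{name}: account {arn['account']} != stack account {deploy_account}")
    return problems

# Constructed sample values: placeholder account ID and resource names.
SAMPLE = {
    TRAIL_PARAM: "arn:aws:cloudtrail:us-east-1:111122223333:trail/example-trail",
    TOPIC_PARAM: "arn:aws:sns:us-west-2:111122223333:example-cloudtrail-topic",
}

if __name__ == "__main__":
    result = preflight(SAMPLE, "us-east-1", "111122223333")
    for line in result or ["parameters are consistent"]:
        print(line)
```

With the constructed sample, the SNS topic is flagged because it is in a different region from the stack.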