Prerequisites for connecting an AWS account in a VPC

Views:

Before connecting an AWS account in a VPC, review the pre-deployment requirements to ensure a successful connection.

Before connecting an AWS account in a VPC, consider the following:

The Cloud Accounts app supports connecting AWS accounts in a VPC using the CloudFormation stack template only.
Connecting to an AWS account in a VPC is limited to single-account deployments. Connecting an AWS Organization in a VPC is not supported.
You must have access to a sign-in or user role with administrator privileges, including permission to manage AWS CloudFormation stack sets for the AWS account you want to connect.

The following services must be added to the allowed domains in your VPC environment:

Cloud Accounts feature	Required domains
Core features	.trendmicro.com .amazonaws.com
Cloud Detections for AWS CloudTrail	*.xdr.trendmicro.com
File Security Storage	.trendmicro.com .amazonaws.com e2883.dscb.akamaiedge.net wildcard-dsa2.icrc.trendmicro.com.edgekey.net
Cloud Detections for AWS VPC Flow Logs	.trendmicro.com .amazonaws.com

You must also ensure that the following service names are allowed in your VPC environment:

Cloud Accounts feature	Required VPC endpoint type and service
Core features	Gateway S3 Interface sts Interface ssm Interface cloudformation Interface ec2
Cloud Detections for AWS CloudTrail	Interface cloudtrail Interface sns Interface sqs Interface ssm Interface logs Interface ec2
File Security Storage	Gateway S3 Gateway dynamobd Interface lambda Interface cloudformation Interface ssm Interface sns Interface sqs Interface events Interface scheduler Interface states Interface logs Interface kms
Cloud Detections for AWS VPC Flow Logs	Gateway S3 Interface sts Interface cloudformation Interface ec2 Interface lambda Interface secretsmanager Interface logs (CloudWatch logs) Interface monitoring (CloudWatch metrics) Interface events (EventBridge) Interface sqs Interface appconfig Interface appconfigdata Interface ce (CostExplorer)