
Overview

You can use the Cloud Connections screen to add your public cloud environment into the Armor Management Portal (AMP).

Currently, this screen only supports Amazon Web Services (AWS).

You can use this screen to collect CloudTrail logs and EC2 instance logs.

To collect CloudTrail logs, you must have the Log Depot add-on product enabled. To learn how to enable Log Depot, see Log Depot.




Access the Cloud Connections screen

  1. In the Armor Management Portal (AMP), in the left side navigation, click Account.
  2. Click Cloud Connections.
  3. Account > Under Overview > Cloud Connections
  4. Account Name, Provider (should only be AWS for now), Account ID


Add a public cloud account 

You can use the Cloud Connections screen to add your public cloud environment into the Armor Management Portal (AMP).


  1. In the Armor Management Portal (AMP), in the left side navigation, click Account.
  2. Click Cloud Connections.
  3. Click the green plus ( + ) icon. 
  4. In Account Name, enter a descriptive name. 
  5. In Description, enter a short description. 
  6. In Services, select the data type to collect. 
    • To collect CloudTrail logs, you must have the Log Depot add-on product enabled. To learn how to enable Log Depot, see Log Depot.
  7. In IAM Role, External ID and Armor's AWS Account Number are pre-populated; however, the IAM Role ARN will be empty. You need to set up an AWS IAM Role for Armor. 
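
The trust relationship that step 7 implies can be sketched as follows. This is an added example, not Armor's own code or documentation. It assumes the role is a standard AWS cross-account role that trusts Armor's AWS account number and requires the External ID shown on the screen. The account number and External ID below are constructed placeholders, and the permissions attached to the role are not covered here.

```python
import json

# Constructed placeholder values: copy the real ones from the IAM Role
# section of the Cloud Connection Detail screen.
ARMOR_ACCOUNT = "111122223333"
EXTERNAL_ID = "example-external-id"


def build_trust_policy(account_id, external_id):
    """Trust policy letting only `account_id` assume the role, and only
    when it presents `external_id` (confused-deputy protection)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:aws:iam::{account_id}:root"},
            "Action": "sts:AssumeRole",
            "Condition": {"StringEquals": {"sts:ExternalId": external_id}},
        }],
    }


def audit_trust_policy(policy, account_id, external_id):
    """Return a list of problems found in an existing trust policy."""
    problems = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):      # IAM allows a single object here
        statements = [statements]
    expected = {f"arn:aws:iam::{account_id}:root", account_id}
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        aws = [aws] if isinstance(aws, str) else list(aws or [])
        for p in aws:
            if p == "*":
                problems.append(f"statement {i}: wildcard principal")
            elif p not in expected:
                problems.append(f"statement {i}: unexpected principal {p}")
        cond = st.get("Condition", {}).get("StringEquals", {})
        if cond.get("sts:ExternalId") != external_id:
            problems.append(f"statement {i}: ExternalId condition missing or wrong")
    return problems


if __name__ == "__main__":
    print(json.dumps(build_trust_policy(ARMOR_ACCOUNT, EXTERNAL_ID), indent=2))
```

Run the audit function against the trust policy of the role whose ARN you paste into AMP; an empty list means only the expected account can assume the role and only with the expected External ID.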


Click the green plus sign to add a new public cloud account. 

| Column | Description |
| Account Name | |
| Provider | The public cloud provider |
| Account ID | The account ID for your public cloud provider |






Troubleshooting

You must have the correct permission.



In the Armor Management Portal (AMP), in the left side navigation, click Account.

Click Cloud Connections.

Account > Under Overview > Cloud Connections

Account Name, Provider (should only be AWS for now), Account ID

 

See your cloud connections that you have established

Account ID can list multiple AWS accounts

 

Click the plus button to create a new connection on the Cloud Connection Detail screen

Account Name

Description

This collects:

CloudTrail

EC2 metadata

 

You must have Log Depot enabled to collect CloudTrail

 

“Need help setting up an AWS – I can review it (or put into the external KB)

 

 

This is in the VM page,

Date created: when your AWS feature was created in AWS

Security groups from AWS

 

Update VM page; new columns for both complete and anywhere

Ellipses includes AWS name

 

EC2 does not require Log Depot, but CloudTrail does

Update the virtual machine screen for new columns