Connect AWS accounts to Azure Security Center

5 min read · Jan 11, 2023

Connect AWS Account:

Follow the steps below to create your AWS cloud connector.

Step 1:

Set up AWS Security Hub:

a) Enable AWS Config:

I. To configure AWS Config, open the AWS Config console and enable it from the Getting started guide. Once it is configured, open the settings and make sure recording is turned on.

II. On the Settings page, for Resource types to record, specify all the resource types you want AWS Config to record. These can be AWS resources, third-party resources, or custom resources.

III. For AWS Config role, choose either an existing AWS Config service-linked role or choose a role from your account by entering your account ID. Service-linked roles are predefined by AWS Config and include all the permissions that the service requires to call other AWS services.

IV. For Delivery method, choose the Amazon S3 bucket to which AWS Config sends configuration history and configuration snapshot files:

  • Create a bucket — For S3 bucket name, type a name for your Amazon S3 bucket.
  • Choose a bucket from your account — For S3 bucket name, choose your preferred bucket.
  • Choose a bucket from another account — For S3 bucket name, type the bucket name.

V. For Amazon SNS topic, choose Stream configuration changes and notifications to an Amazon SNS topic to have AWS Config send notifications such as configuration history delivery, configuration snapshot delivery, and compliance. If you chose to have AWS Config stream to an Amazon SNS topic, choose the target topic:

  • Create a topic — For Topic Name, type a name for your SNS topic.
  • Choose a topic from your account — For Topic Name, select your preferred topic.
  • Choose a topic from another account — For Topic ARN, type the Amazon Resource Name (ARN) of the topic. If you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config.

VI. If you are setting up AWS Config in a region that supports rules, choose Next and Confirm.

b) Enable AWS Security Hub:

  • When you open the Security Hub console for the first time, choose Get Started and Enable.

Step 2:

Set up authentication for Security Center in AWS:

There are two ways to allow Security Center to authenticate to AWS:

  • Create an IAM role for Security Center — This is the most secure method and is recommended
  • AWS user for Security Center — A less secure option if you don’t have IAM enabled

I. Create an IAM role for Security Center. From your Amazon Web Services console, under Security, Identity & Compliance, select IAM.

II. Select Roles and Create role.

III. Select Another AWS account.

IV. Enter the following details and select next:

V. In the Attach permission policies section, select the following policies:

  • SecurityAudit
  • AmazonSSMAutomationRole
  • AWSSecurityHubReadOnlyAccess

VI. Select Next and, in the Roles list, choose the role you created.
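Step 2 done from the AWS CLI instead of the console, as an added example that is not part of the original article: it builds the cross-account trust policy, attaches the three policies from step V, and checks the result. The role name, the trusted account ID and the external ID are placeholders, and the ExternalId condition is a standard cross-account safeguard assumed here because the article does not reproduce the details from the "Another AWS account" screen.

```shell
#!/usr/bin/env bash
# Added example, not from the original article: builds the Step 2 IAM role with the
# AWS CLI. TRUSTED_ACCOUNT_ID and EXTERNAL_ID are placeholders (assumptions) for the
# values entered on the "Another AWS account" screen.
set -eu

ROLE_NAME="${ROLE_NAME:-SecurityCenterConnectorRole}"      # assumed role name
TRUSTED_ACCOUNT_ID="${TRUSTED_ACCOUNT_ID:-111111111111}"   # placeholder account ID
EXTERNAL_ID="${EXTERNAL_ID:-REPLACE-WITH-EXTERNAL-ID}"     # placeholder external ID

# The three AWS managed policies the article attaches in step V.
REQUIRED_POLICIES="SecurityAudit AmazonSSMAutomationRole AWSSecurityHubReadOnlyAccess"

# Trust policy for "Another AWS account": only that account may assume the role, and
# only when it presents the agreed ExternalId (standard cross-account hardening).
trust_policy_json() {
  cat <<EOF
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::${TRUSTED_ACCOUNT_ID}:root"},
   "Action": "sts:AssumeRole",
   "Condition": {"StringEquals": {"sts:ExternalId": "${EXTERNAL_ID}"}}}]}
EOF
}

# Managed policy name -> ARN.
policy_arn() { printf 'arn:aws:iam::aws:policy/%s\n' "$1"; }

# Pure check: given the policy names actually attached (whitespace separated), report
# every required policy that is missing. Returns non-zero if anything is missing.
check_policies() {
  local attached=" $(echo $1) " missing=0 p
  for p in $REQUIRED_POLICIES; do
    case "$attached" in *" $p "*) ;; *) echo "missing policy: $p" >&2; missing=1 ;; esac
  done
  return "$missing"
}

# Create the role and attach the policies (needs AWS CLI credentials with IAM rights).
create_connector_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$(trust_policy_json)" >/dev/null
  for p in $REQUIRED_POLICIES; do
    aws iam attach-role-policy --role-name "$ROLE_NAME" --policy-arn "$(policy_arn "$p")"
  done
}

# Verify the live role against the required list (step VI, done from the CLI).
verify_connector_role() {
  check_policies "$(aws iam list-attached-role-policies --role-name "$ROLE_NAME" \
    --query 'AttachedPolicies[].PolicyName' --output text)"
}
```

Run `create_connector_role && verify_connector_role` with credentials for the AWS account being connected; `check_policies` alone lets you test the comparison without touching AWS.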

Step 3:

Create an AWS user for Security Center:

I. Open the Users tab and select Add user.

II. In the Details step, enter a username for Security Center, make sure you select Programmatic access for the AWS Access Type, and select Next: Permissions.

III. Select Attach existing policies directly and apply the following policies:

  • SecurityAudit
  • AmazonSSMAutomationRole
  • AWSSecurityHubReadOnlyAccess

IV. Select Next: Tags. Optionally add tags; adding tags to the user doesn't affect the connection. Select Next: Review, review the summary, and click Create user.

Complete Azure Arc prerequisites

Step 4:

Connect AWS to Azure Security Center:

I. From Security Center’s menu, select Multi cloud connectors and select Connect AWS account.

II. Configure the options in the AWS authentication tab:

  • Enter a Display name for the connector.
  • Confirm that the subscription is correct. It is the subscription that will include the connector and AWS Security Hub recommendations.

III. Select Review + Create.

Step 6:

Confirmation:

I. Once the connector is successfully created and AWS Security Hub has been configured properly, your AWS cloud connector is valid.

II. Monitoring your AWS resources. As shown above, Azure Security Center's security recommendations page displays your AWS resources together with your Azure resources in the multi cloud view.

That's a brief overview of connecting AWS accounts to Azure Security Center. See you in the next article.


Written by Achintha Bandaranaike

AWS Community Builder ☁️| Cloud Enthusiast | 3xAWS | 3xAzure | Terraform Certified | 1xGCP
