Cloud computing platforms
      Back to home
      1. Knowledge Base
      2. Integrate your account
      3. Cloud computing platforms

      Set up your Amazon Web Service integration

      Learn how to retrieve lists of your running AWS compute instances and include them as the scanning targets in Autobahn Fit

      Table of content

      Autobahn Fit’s integration with Amazon Web Service

      Required elements to prepare

      Integrate your AWS with Autobahn Fit page

      Enable or disable your integration

      Update your AWS integration configuration

      View your AWS assets on the Assets page

      Autobahn Fit’s integration with Amazon Web Service

      Uploading your Amazon Web Service account credentials enables us to automatically retrieve a list of your running AWS compute instances. These cloud IPs and any other assets Autobahn Fit discovers with the asset discovery engine are used as targets for the scanning engine. This tutorial explains how to set up this integration.

      Required elements to prepare

      By integrating your Amazon Web Service with Autobahn Fit, you enable Autobahn to automatically discovers any running instance(s) hosted on AWS. This means that Autobahn can also scan these assets. To enable the integration, key elements are required:

      1. Access key ID

      2. Secret access key

      3. Code of the AWS region you use

      4. Set permission for global credential

      Retrieve your Access key ID and Secret access key

      1 - Log in to the AWS Management Console.

      2 - Click on your User profile in the top right corner.

      3 - From the drop-down, select My Security Credentials.

      4 - In the IAM Management Console, scroll down until you see the section Access keys for CLI, SDK, & API access.

      5 - If you have an Access key ID already, you will find it here. If you do not see one, click Create access key to generate a new one. For this, you need the AWS permission iam:CreateAccessKey, so make sure you have this permission before creating a key ID. More information on permissions in the AWS documentation.

      6 - Important: If you just created a new Access key ID, take note of the Secret access key shown right after generation. You can also download the CSV file which contains both the Access key ID and the Secret access key.

      To recap, the Secret access key is only shown once when generating a new Access key ID. If you do not have this information anymore, create an Access key again as per the steps above.

      Retrieve your AWS region code

      1 - While logged in to the AWS Management Console, find the name of the AWS region used (next to the Support key). In our example, this is Frankfurt. Click on that region.

      2 - Next to the region you are using, you see the AWS abbreviation (code), in our example eu-central-1. Copy this code for later use.

      Set the correct access rights in AWS

      For Autobahn to query the relevant AWS assets, your AWS account to which the Access key ID and Secret access key belong to, must have the correct policy that allows for action ec2:describeInstances

      Follow these steps to add permissions to your AWS account to ensure you have the correct policy:

      1 - While logged in to the AWS Management Console, search for IAM in the search bar.

      2 - Click on IAM listed in the Services section.

      3 - In the IAM dashboard, select Users on the left navigational bar.

      4 - Here, select the username of your AWS account and in the screen that follows click Add permissions.

      5 - In the Add permissions screen, click on Attach existing policies directly. In the filter, type AmazonEC2ReadOnlyAccess, select it and click on Next: Review. In the final screen, click Add permissions.

      You are all done!

      Integrate your AWS with Autobahn Fit

      After you are done with the preparation on your AWS account, you can integrate your account by log into your Autobahn Fit account.

      1 - On your Autobahn Fit account, navigate to the Integration page by clicking the Integrations button on the sidebar.

       

      2 - Click the Configure button on the Amazon Web Service card. You will be directed to the Amazon Web Service integration page.

      3 - Input the integration label on the Label field.

      2 - Select the Scope of credentials.

      There are two options for the scope of credentials:

      For specific region: select this option to allow assets from specific region to be included in your asset inventory.

      Global: select this option to allow all assets from all regions to be included in your asset inventory by adding a single credentials.

      Please note that due to the nature of Amazon Web Service’s project and region setup, we cannot pull the projects from the United Arab Emirates (UAE) region through the single credentials function. Thus, to get projects from the UAE region, you must select the specific region in this section.

      3 - Fill the Access key ID field.

      4 - Fill the Secret access key field.

      5 - To save the credentials, click the Save button

      Enable or disable your integration

      After you integrate your AWS account, you can enable or disable the integration. Disabling your integration will keep the credentials and the previously pulled data in our platform, but will stop the automatic data collection.

      1 - Navigate to the Integrations page.

      2 - Switch off the toggle on the top right of the AWS card.

      Update your AWS integration configuration

      1 - Navigate to the Integrations page.

      2 - Click the Edit button on the bottom of the AWS Software card.

      3 - You will be directed to the AWS Integration page. Click the Reset button to change the credentials.

      Reseting the credentials will not affect the data that has been pulled into Autobahn Fit.

      View your AWS assets on the Assets page

      After you enable the integration, the assets will appear on the Assets page. You can see the data source on the Source column.