Connect AWS Account

Use the following procedure to connect to an AWS subscription through Multicloud Defense's easy setup wizard.

Before you begin

  • You must have an active Amazon Web Services (AWS) account.

  • You must have an Admin or Super Admin user role in your Security Cloud Control tenant.

  • You must have Multicloud Defense enabled for your Security Cloud Control tenant.

Note

Multicloud Defense Controller version 23.10 defaults to IMDSv2 in the AWS EC2 instance when using Multicloud Defense Gateway version 23.04 or newer. For more information about the difference between IMDSv1 and IMDSv2, see AWS documentation.

Procedure


Step 1

From the Multicloud Defense Controller dashboard, click Setup located to the left of the window.

Step 2

Select Connect Account.

Step 3

Select the AWS icon.

Step 4

Enter the following information in the modal:

  1. Click Launch Stack to download and deploy our CloudFormation template. This should open another tab to deploy the template. You must be logged in to AWS.

  2. Copy and paste the controller IAM role ARN from the CloudFormation stack output in the CloudFormation template.

  3. In the Multicloud Defense Controller easy setup modal, enter the AWS Account Number. This number can be found in the output value Current Account of the CloudFormation Template.

  4. Enter an Account Name that will be assigned to your account in the Multicloud Defense Controller.

  5. (Optional) Enter an account Description.

  6. Enter the External ID. This is a random string for the IAM role's trust policy. This value will be used in the controller IAM role that is created. You can edit or regenerate the External ID.

  7. Enter the Controller IAM Role. This is the IAM role created for the Multicloud Defense Controller during CloudFormation Template (CFT) deployment. Look for the output value MCDControllerRoleArn in the CFT stack. It should be something similar to this: arn:aws:iam::<Acc Number>:role/ciscomcdcontrollerrole.

  8. Enter the Inventory Monitor Role. This is the IAM role created for Multicloud Defense Inventory during CFT deployment. Look for the output value MCDInventoryRoleArn in the CFT stack. It should be something similar to this: arn:aws:iam::<Acc Number>:role/ciscomcdinventoryrole.

Step 5

Click Next. The account is onboarded to the Multicloud Defense Controller.
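The following check is an added example, not part of the Multicloud Defense product or its CloudFormation template. It confirms that the values entered in Step 4 agree with each other and that the controller role's trust policy only allows sts:AssumeRole when the External ID is presented. The function name, the sample account numbers, the External ID string and the trusted principal are constructed placeholders; the check assumes the condition is written as StringEquals on sts:ExternalId.

```python
import re

ARN_RE = re.compile(r"^arn:aws:iam::(\d{12}):role/([\w+=,.@/-]+)$")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def check_onboarding_inputs(account_number, role_arn, external_id, trust_policy):
    """Return a list of problems; an empty list means the inputs are consistent."""
    problems = []
    if not re.fullmatch(r"\d{12}", account_number):
        problems.append("account number is not 12 digits")
    m = ARN_RE.match(role_arn)
    if not m:
        problems.append("role ARN is not an IAM role ARN")
    elif m.group(1) != account_number:
        problems.append("role ARN belongs to a different account")
    # Only statements that let another principal assume the role matter here.
    assume = [s for s in _as_list(trust_policy.get("Statement", []))
              if s.get("Effect") == "Allow"
              and "sts:AssumeRole" in _as_list(s.get("Action", []))]
    if not assume:
        problems.append("trust policy has no sts:AssumeRole Allow statement")
    for s in assume:
        cond = s.get("Condition", {}).get("StringEquals", {})
        ids = _as_list(cond.get("sts:ExternalId", []))
        if not ids:
            problems.append("AssumeRole allowed without an sts:ExternalId condition")
        elif ids != [external_id]:
            problems.append("sts:ExternalId does not match the value entered in the wizard")
    return problems

# Constructed sample values; none of them come from a real deployment.
ACCOUNT = "123456789012"
ROLE_ARN = "arn:aws:iam::123456789012:role/ciscomcdcontrollerrole"
EXTERNAL_ID = "example-external-id-0001"
GOOD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111111111111:root"},  # placeholder principal
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"sts:ExternalId": EXTERNAL_ID}},
    }],
}
# Same statement with the condition removed: the External ID is no longer enforced.
WEAK_POLICY = {"Statement": [{k: v for k, v in GOOD_POLICY["Statement"][0].items() if k != "Condition"}]}

if __name__ == "__main__":
    for policy in (GOOD_POLICY, WEAK_POLICY):
        print(check_onboarding_inputs(ACCOUNT, ROLE_ARN, EXTERNAL_ID, policy))
```

To run it against a real account, pass in the role's AssumeRolePolicyDocument as returned by the IAM API in place of the constructed policies.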


What to do next

Once you've connected the account, Multicloud Defense Controller automatically starts to discover assets and inventory associated with the cloud service provider account. Note that this is different from discovering traffic. Because Multicloud Defense Controller discovers account assets and inventory by default, the next step in this wizard is to Enable traffic visibility.