Integrate with AWS Using Keyless Authentication

You can configure Tenable Attack Surface Management to pull data from AWS using keyless authentication.

Before you begin

  • Configure AWS for Keyless Authentication.

  • Make sure that your role has the ReadOnlyAccess privilege.

    Note: Tenable Attack Surface Management does not make any modifications in your AWS account, but you must make sure that the role has read-only privileges. For example, you can use the AWS-managed policy: ReadOnlyAccess.

  • Make sure that you have the ARN of the role you created when configuring AWS for keyless authentication.
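
One way to check these prerequisites before you open the integration page. This is an added example, not Tenable code. It assumes you have saved the JSON output of `aws iam list-attached-role-policies` for the role; the account ID, role name, and sample documents below are constructed.

```python
import json
import re

# Suffix of the AWS-managed ReadOnlyAccess policy ARN (the partition prefix varies).
READ_ONLY_SUFFIX = ":iam::aws:policy/ReadOnlyAccess"
ROLE_ARN_RE = re.compile(r"^arn:aws[\w-]*:iam::(\d{12}):role/([\w+=,.@/-]+)$")

def parse_role_arn(arn):
    """Return (account_id, role_name); raise ValueError for a malformed role ARN."""
    m = ROLE_ARN_RE.match(arn.strip())
    if not m:
        raise ValueError(f"not an IAM role ARN: {arn!r}")
    # The last path segment is the role name; anything before it is the IAM path.
    return m.group(1), m.group(2).rsplit("/", 1)[-1]

def preflight(role_arn, attached_json):
    """Check the ARN and the attached managed policies; return a list of findings."""
    try:
        parse_role_arn(role_arn)
    except ValueError as exc:
        return [str(exc)]
    doc = json.loads(attached_json)
    arns = [p["PolicyArn"] for p in doc.get("AttachedPolicies", [])]
    findings = []
    if not any(a.endswith(READ_ONLY_SUFFIX) for a in arns):
        findings.append("ReadOnlyAccess is not attached")
    for a in arns:
        if not a.endswith(READ_ONLY_SUFFIX):
            findings.append(f"additional policy attached, review it: {a}")
    return findings

# Constructed samples (not real account data).
SAMPLE_ARN = "arn:aws:iam::123456789012:role/example-asm-keyless"
RO_ARN = "arn:aws" + READ_ONLY_SUFFIX
SAMPLE_OK = json.dumps({"AttachedPolicies": [
    {"PolicyName": "ReadOnlyAccess", "PolicyArn": RO_ARN}]})
SAMPLE_WIDE = json.dumps({"AttachedPolicies": [
    {"PolicyName": "ReadOnlyAccess", "PolicyArn": RO_ARN},
    {"PolicyName": "AdministratorAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}]})

if __name__ == "__main__":
    for label, doc in (("read-only", SAMPLE_OK), ("too broad", SAMPLE_WIDE)):
        print(label, preflight(SAMPLE_ARN, doc) or "no findings")
```

The check covers attached managed policies only; inline policies on the role are listed by a separate IAM call and need their own review.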

To integrate AWS with Tenable Attack Surface Management using keyless authentication:

  1. In the upper-right corner, click the button.

    The All Integrations page appears.

  2. Do one of the following:

    • On the All Integrations page, click Add > AWS - Keyless.
    • In the upper-right corner, click Add > AWS - Keyless.
    • In the bar above the table, click Add > AWS - Keyless.

    The Add AWS - Keyless Integration window appears.

  3. In the Name box, type a name for the integration.

  4. In the Role ARN box, provide the ARN value associated with the AWS role you created for this integration. For more information, see Configure AWS for Keyless Authentication.

  5. Click Add.

    Tenable Attack Surface Management adds the integration.