TOC & Recently Viewed

Recently Viewed Topics

Create an AWS Connector

Required User Role: Administrator

Before you begin:

To create an AWS connector:

  1. In the top navigation bar, click Settings.

    The About page appears.

  2. In the left navigation bar, click Connectors.

    The Connectors page appears.

  3. In the upper-left corner of the page near the Connectors label, click the button.

    The Select a Connector plane appears.

  4. In the Vulnerability Management section, click Amazon AWS.

    The Amazon AWS settings plane appears.

  5. In the Connector Name box, type a name for the connector.
  6. Do one of the following, depending on how you configured authentication for AWS:
    • If you configured AWS to support keyless authentication via role delegation:
      1. In the Account ID box, type your primary AWS account ID.
    • If you configured AWS to support key-based authentication:
      1. Use the Use Access Key / Secret Key toggle to enable the key-based authentication option.

        The Access Key and Secret Key boxes appear.

      2. In the Access Key box, type the access key that you obtained when configuring AWS.
      3. In the Secret Key box, type the secret key that corresponds to the access key you typed in Step b.
  7. Use the Auto Discovery toggle to enable or disable automatic discovery of linked accounts and CloudTrails.

    Note: Auto Discovery is enabled by default when using AWS role delegation (keyless authentication). Auto Discovery is disabled by default, and cannot be enabled, if AWS was configured to support key-based authentication.

  8. If using Access Key / Secret Key authentication or if Auto Discovery is disabled:
    1.  (Optional) To add linked AWS accounts, in the Add Linked Accounts section, click the button.

      The Add Linked Accounts settings plane appears.

      1. In the Account ID box, type the account ID for the Amazon AWS account that you want to link. For information about configuring linked accounts, see Configure Linked AWS Accounts (Keyless Manual) or Configure Linked AWS Accounts (Key-based).

        Tip: The minimum length for the ID is 12 characters. To display error messages, hover over the Account ID box.

      2. Click Add to add the linked accounts.

        The Amazon AWS settings plane reappears.

    2. In the Select AWS CloudTrails section, click the button to add CloudTrails.

      The Select AWS CloudTrails settings plane appears.

      1. Select the check boxes corresponding to the trails that you want to connect to Tenable.io. You must select at least one trail.
      2. Click Done to add the trails you selected.

        Tenable.io displays the Amazon AWS settings plane.

  9. Use the Schedule Import toggle to enable or disable scheduled imports.

    Note: By default, Tenable.io requests new and updated asset records every 12 hours.

    If enabled:

    • In the Import text box, type the frequency with which Tenable.io sends data requests to the Azure server.
    • In the drop-down box select Minutes, Hours, or Days.
  10. Do one of the following:
    • To save the connector, click Save.
    • To save the connector and import your assets from AWS, click Save & Import.
  11. Note: There may be a short delay before your assets appear in Tenable.io.

 

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.