Key-based Authentication Workflow
Tenable.io AWS connectors support key-based authentication that uses an IAM user with permissions and a secret key and access key. In this scenario, the Tenable.io AWS connector authenticates with your primary AWS account via a secret key and an access key. Additionally, you can manually configure secondary linked AWS accounts with trust relationships to your primary AWS account., as shown in the diagram below.
For more information about other AWS authentication options, see Amazon Web Services Connector.
To fully configure AWS key-based authentication with Tenable.io:
- In AWS, configure your primary AWS account to support key-based authentication for your connectors, as described in Configure AWS for Key-based Authentication.
- (Optional) In AWS, manually configure linked AWS accounts, as described in Configure Linked AWS Accounts (Key-based).
- In Tenable.io, create your AWS connector, as described in Create an AWS Connector.