Prerequisite Tasks for Integration with AWS

Before querying AWS with the Tenable Log Correlation Engine Web Query Client, you must perform the following tasks in AWS:

  1. In the AWS console, enable CloudTrail.

  2. Create one or more IAM users.

    • Generate an access key for each user.
    • Download the user security credentials.

  3. Attach the AWSCloudTrailReadOnlyAccess policy to each user, or the group that contains the users, created in step 2.

  4. Configure a Web Query Client policy to query CloudTrail.