Connect Cloud Accounts

To scan cloud resources for security compliance, you must connect your cloud services to Tenable Cloud Security Console. When you connect your cloud services, you can select the required virtual private clouds (VPCs).

Tenable Cloud Security provides the following flows for onboarding cloud accounts:

• On-demand basis: You can manually onboard single or multiple (organization) accounts in Tenable Cloud Security. For more information about onboarding cloud accounts manually, see the following topics:

  • Onboard AWS Accounts

  • Onboard an Azure Account

  • Onboard a GCP Service Account

  For a detailed workflow for onboarding cloud accounts for each cloud provider, see the following Quick Reference Guides:

  • Onboarding AWS Accounts

  • Onboarding Azure Accounts

  • Onboarding GCP Accounts

• Autodiscovery: Tenable Cloud Security can automatically discover your cloud accounts and onboard them. You can use this flow of account onboarding for single or multiple account. In this flow for multiple account onboarding, Tenable Cloud Security can automatically discover the member accounts when you provide the credentials of the organization account. In addition, Tenable Cloud Security also schedules discovery every 24 hours and automatically discovers any new member accounts in the organization created after the initial onboarding. For more information about cloud account autodiscovery, see Discover Cloud Accounts.

After connecting cloud accounts, you can perform a misconfiguration or vulnerability scan for the cloud resources. Tenable Cloud Security uses Agentless Assessment for vulnerability scans (only for AWS and Azure).