Edit an AWS Frictionless Assessment Connector

Frictionless Assessment is now End of Provisioning (starting May 15, 2023), and new users will not be able to deploy Frictionless Assessment connectors. Frictionless Assessment will reach End-of-Support on December 31, 2023, and will no longer receive support or updates. However, existing Frictionless Assessment connectors will continue to function until the feature is End-of-Life on December 31, 2024. Tenable recommends that you transition to Tenable Cloud Security with Agentless Assessment for scanning your cloud resources. For more information, see the Tenable Vulnerability Management Release Notes.

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

You can edit the name, tags, and network of an Amazon Web Services (AWS) Frictionless Assessment connector.

Note: If you edit an AWS Frictionless Assessment connector's tags, you have to redeploy the connector to your AWS accounts to update the tag information in AWS.

To edit your AWS Frictionless Assessment connector:

  1. Log in to your Tenable Vulnerability Management user interface and go to Settings > Cloud Connectors.

  2. From the Cloud Connectors table, click the AWS_FA connector that you want to edit tags for.

    The Edit connector page appears.

  3. Edit the connector:

    • To edit the connector name, click the Connect Name field and enter a new name.

    • To edit the connector tags, do the following:

      1. In the Tag Key box, type the AWS tag key.

        For example, in the AWS tag Tenable:FA, the tag key is Tenable.

      2. In the Tag Value box, do one of the following:

        For example, in the AWS tag Tenable:FA, the tag value is FA.

      Tip: You can only specify one tag for AWS Frictionless Assessment.

      Note: The tag key and value are case sensitive and must match what is in AWS exactly.

      Note: To use Frictionless Assessment with your AWS connector, you must enter an AWS tag key to identify hosts to be assessed by Frictionless Assessment. If you do not enter a tag key, the connector functions as discovery-only and assets are not assessed for vulnerabilities.

    • To edit the change the network the connector is linked to, select an existing network or create a new network using the Network drop-down menu. If you do not specify a network, Tenable Vulnerability Management selects your default network.

  4. Click the Download CFT button.

    Note: If you edited the connector tags, the button shows as Download CFT & Save.

    The CFT downloads in .yml format and the Cloud Connectors page appears with the updated connector information.

  5. If you edited the connector tags, redeploy the CFT to your AWS accounts (for more information, see the AWS documentation).

    If you need to deploy to more than one region, Tenable recommends deploying the template as a stack set (for more information, see the AWS stack set documentation).