Amazon Web Services Connector
The following feature is not supported in Tenable Vulnerability Management Federal Risk and Authorization Management Program (FedRAMP) environments. For more information, see the FedRAMP Product Offering.
The Amazon Web Services (AWS) connector provides real-time visibility and inventory of EC2 instances in your AWS account.
To import and analyze information about EC2 instances in AWS, you must first configure AWS to support your connector configuration, then create an AWS connector in Tenable Vulnerability Management.
You can create an AWS connector to discover AWS assets and import them to Tenable Vulnerability Management. Assets discovered through the connectors do not count against the license until and unless the asset is scanned for vulnerabilities.
To assess AWS assets for vulnerabilities, Tenable recommends that you use Frictionless Assessment to assess for vulnerabilities in the cloud. Alternatively, you can run a Tenable Nessus scanner or agent scan, which runs plugins locally on the host.
Goal | Connector Type |
---|---|
Discover AWS assets and assess for vulnerabilities using Frictionless Assessment The cloud connector discovers AWS assets and collects an inventory of data points on your AWS EC2 instances, then assesses the hosts for vulnerabilities in the cloud, rather than running plugins locally on the host. For more information, see Frictionless Assessment for AWS . |
|
Discover AWS assets The cloud connector discovers AWS assets without assessing them for vulnerabilities. Optionally, you can scan discovered assets later using a Tenable Nessus scanner or agent scan. For more information, see AWS Cloud Connector (Discovery Only). |
|
To manage existing AWS connectors, see Manage Connectors.