AWS IAM Integration with WatchGuard CloudDR

Applies To: WatchGuard CloudDR

AWS Identity and Access Management (IAM) is a web service used to securely control access to AWS resources. AWS IAM enables you to set and manage guardrails and fine-grained access controls for your workforce and workloads. This guide describes how to integrate AWS IAM with CloudDR.

Available Features

  • Misconfiguration Rules
  • Identity Rules
  • User Inventory

Prerequisites

To configure this integration, you must have:

  • An AWS account with a permissions policy that includes these actions:
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "Statement1",
                "Effect": "Allow",
                "Action": [
                    "iam:ListUsers",
                    "iam:ListMFADevices",
                    "iam:ListGroups",
                    "iam:GetGroup",
                    "iam:ListPolicies",
                    "iam:ListUserPolicies",
                    "iam:ListAttachedUserPolicies",
                    "iam:GetAccountPasswordPolicy",
                    "iam:ListSAMLProviders",
                    "iam:ListOpenIDConnectProviders"
                ],
                "Resource": "*"
            }
        ]
    }

To create the policy with the JSON editor:

  1. Log in to your AWS IAM account in the IAM console at https://console.aws.amazon.com/iam/.
  2. From the left navigation pane, select Policies.
  3. Click Create policy.
  4. In the Policy editor section, select JSON.
  5. Paste a JSON policy document. Resolve any security warnings, errors, or general warnings generated during policy validation.
  6. Click Next.
  7. On the Review and create page:
    • In the Policy Name text box, enter a name.
    • (Optional) In the Description text box, enter a description.
  8. Click Create policy to save your new policy.
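Before you paste a policy document in step 5, you can check that it grants the ten actions listed under Prerequisites and nothing beyond them. The script below is an added example, not WatchGuard or AWS code; `audit_policy` and `BROAD_POLICY` are hypothetical names, and the sample policy is constructed for illustration.

```python
import fnmatch
import json

# The ten read-only actions the page lists as required for the integration.
REQUIRED = {
    "iam:ListUsers", "iam:ListMFADevices", "iam:ListGroups", "iam:GetGroup",
    "iam:ListPolicies", "iam:ListUserPolicies", "iam:ListAttachedUserPolicies",
    "iam:GetAccountPasswordPolicy", "iam:ListSAMLProviders",
    "iam:ListOpenIDConnectProviders",
}

# Constructed sample: a broader policy than the page's, to exercise the audit.
BROAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Resource": "*",
    "Action": ["iam:List*", "iam:GetGroup", "iam:CreateAccessKey"]}})

def _as_list(value):
    """IAM accepts a single string/object where a list is expected."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_policy(document):
    """Compare a policy's Allow statements with REQUIRED.

    missing:  required actions that no Allow statement grants
    extra:    exact action names granted beyond the required set
    wildcard: Action patterns with * or ?, plus "NotAction" if an Allow
              statement uses it (flagged only, not evaluated)
    """
    policy = json.loads(document) if isinstance(document, str) else document
    exact, patterns, flags = set(), set(), set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never widen access
        if "NotAction" in stmt:
            flags.add("NotAction")
        for action in _as_list(stmt.get("Action")):
            (patterns if "*" in action or "?" in action else exact).add(action)
    granted = {a.lower() for a in exact}  # IAM action names are case-insensitive
    globs = [p.lower() for p in patterns]
    missing = sorted(r for r in REQUIRED if r.lower() not in granted
                     and not any(fnmatch.fnmatchcase(r.lower(), g) for g in globs))
    extra = sorted(a for a in exact
                   if a.lower() not in {r.lower() for r in REQUIRED})
    return {"missing": missing, "extra": extra,
            "wildcard": sorted(patterns | flags)}

if __name__ == "__main__":
    print(audit_policy(BROAD_POLICY))
```

A policy that matches the page's document returns three empty lists; any entry under `extra` or `wildcard` is access the integration user does not need.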

To create the required credentials in AWS:

  1. Log in to your AWS IAM account in the IAM console at https://console.aws.amazon.com/iam/.
  2. On the IAM Console Home page, in the left navigation pane, enter Users in the Search IAM text box.
  3. On the IAM users page, click the user name of an existing user or click Create users to create a user.
  4. Select the Security credentials tab.
  5. In the Access keys section, click Create access key.
  6. In the Use case section, select a use case. Click Next.
  7. Copy the generated Access key and Secret key and save the credentials in a secure location.

The Access Key ID and Secret Access Key together form the key pair that authenticates the IAM user. You enter both values when you configure the integration in CloudDR.

Configure the AWS IAM Integration in CloudDR

To integrate AWS IAM with CloudDR:

  1. In WatchGuard Cloud, select Configure > CloudDR.
  2. Select the Integrations tab.
  3. (Service Providers) From the Select Integrations View drop-down list, select Add Integrations.

  4. In the AWS IAM widget, click Add.
  5. Click Start Integration.
  6. On the Access Key page, enter the Access Key ID. Click Next.
  7. On the Secret Key page, enter the Secret Access Key.
  8. Click Submit.

Related Topics

About WatchGuard CloudDR Integrations