AWS v2

Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.

Halo Security Setup

1. In your Halo Security dashboard navigate to Seeds -> Connectors -> Add Connector.

2. Select AWS v2.

3. Enter your AWS account information and click Save Changes.

AWS Setup

1. In your AWS dashboard navigate to Identity and Access Management (IAM)

2. Click Roles then Create role

3. Select AWS account

4. Select Another AWS account and Require external ID. Add the external ID value found in your connector settings.

5. Click Next

6. On Add permissions click Next

7. Add Role name: HaloSecurity

8. Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.

9. Click Create role

10. Select the role you just created: HaloSecurity

11. Under Add permissions, select Create inline policy

12. Click JSON and paste the custom policy provided below

13. Click Next

14. Add Policy name: HaloSecurity

15. Click Create Policy

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions",
                "organizations:ListRoots",
                "organizations:ListOrganizationalUnitsForParent",
                "organizations:ListAccounts"
            ],
            "Resource": "*"
        }
    ]
}