AWS

You can import new assets directly from your AWS by giving Halo Security restricted read access.

Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.

Halo Security Setup

Visit your Account > Integrations > Add.
Add the AWS integration.
Add a name for the integration.
Enter your AWS account information and click Save Changes.

Keep this page open while configuring the AWS permissions.

AWS Setup

In your AWS dashboard navigate to Identity and Access Management (IAM)
Click Roles then Create role
Select AWS account
Select Another AWS account and Require external ID. Add the external ID value found in your integration settings.
Click Next
On Add permissions click Next
Add Role name: HaloSecurity
Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.
Click Create role
Select the role you just created: HaloSecurity
Under Add permissions, select Create inline policy
Click JSON and paste the custom policy provided below
Click Next
Add Policy name: HaloSecurity
Click Create Policy

Once you've created the policy, return to the Halo Security dashboard and click Run on the integration to confirm it is working correctly.

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions",
                "organizations:ListRoots",
                "organizations:ListOrganizationalUnitsForParent",
                "organizations:ListAccounts"
            ],
            "Resource": "*"
        }
    ]
}

Monitor Dynamic IP Addresses

If you're connected with AWS, Halo Security can monitor assets with dynamic IP addresses by setting an AWS Instance ID for targets. For more information, see the Scan Configuration page.

Sending Events to AWS

You can also send events from Halo Security to AWS, using the instruction below:

PreviousGoogle Cloud NextCloudflare

Last updated 1 month ago

Was this helpful?

AWS Setup

In your AWS dashboard navigate to Identity and Access Management (IAM)

Click Roles then Create role

Select AWS account

Select Another AWS account and Require external ID. Add the external ID value found in your integration settings.

Click Next

On Add permissions click Next

Add Role name: HaloSecurity

Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.

Click Create role

Select the role you just created: HaloSecurity

Under Add permissions, select Create inline policy

Click JSON and paste the custom policy provided below

Click Next

Add Policy name: HaloSecurity

Click Create Policy

Once you've created the policy, return to the Halo Security dashboard and click Run on the integration to confirm it is working correctly.

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions",
                "organizations:ListRoots",
                "organizations:ListOrganizationalUnitsForParent",
                "organizations:ListAccounts"
            ],
            "Resource": "*"
        }
    ]
}

Monitor Dynamic IP Addresses

If you're connected with AWS, Halo Security can monitor assets with dynamic IP addresses by setting an AWS Instance ID for targets. For more information, see the Scan Configuration page.

Sending Events to AWS

You can also send events from Halo Security to AWS, using the instruction below:

AWS