APISupportDashboard

AWS

You can import new assets directly from your AWS by giving Halo Security restricted read access.

Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.

Halo Security Setup

  1. Visit your Account > Integrations > Add.

  2. Add the AWS integration.

  3. Add a name for the integration.

  4. Enter your AWS account information and click Save Changes.

Keep this page open while configuring the AWS permissions.

AWS Setup

  1. In your AWS dashboard navigate to Identity and Access Management (IAM)

  2. Click Roles then Create role

  3. Select AWS account

  4. Select Another AWS account and Require external ID. Add the external ID value found in your integration settings.

  5. Click Next

  6. On Add permissions click Next

  7. Add Role name: HaloSecurity

  8. Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.

  9. Click Create role

  10. Select the role you just created: HaloSecurity

  11. Under Add permissions, select Create inline policy

  12. Click JSON and paste the custom policy provided below

  13. Click Next

  14. Add Policy name: HaloSecurity

  15. Click Create Policy

Once you've created the policy, return to the Halo Security dashboard and click Run on the integration to confirm it is working correctly.

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions",
                "organizations:ListRoots",
                "organizations:ListOrganizationalUnitsForParent",
                "organizations:ListAccounts"
            ],
            "Resource": "*"
        }
    ]
}

Monitor Dynamic IP Addresses

If you're connected with AWS, Halo Security can monitor assets with dynamic IP addresses by setting an AWS Instance ID for targets. For more information, see the Scan Configuration page.

Sending Events to AWS

You can also send events from Halo Security to AWS, using the instruction below:

AWS
PreviousGoogle CloudNextCloudflare

Last updated

Was this helpful?