AWS

Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.

Halo Security Setup

1. Visit your Account > Integrations > .

2. Add the AWS integration.

3. Add a name for the integration.

4. Enter your AWS account information and click Save Changes.

AWS Setup

1. In your AWS dashboard navigate to Identity and Access Management (IAM)

2. Click Roles then Create role

3. Select AWS account

4. Select Another AWS account and Require external ID. Add the external ID value found in your .

5. Click Next

6. On Add permissions click Next

7. Add Role name: HaloSecurity

8. Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.

9. Click Create role

10. Select the role you just created: HaloSecurity

11. Under Add permissions, select Create inline policy

12. Click JSON and paste the provided below

13. Click Next

14. Add Policy name: HaloSecurity

15. Click Create Policy

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions",
                "organizations:ListRoots",
                "organizations:ListOrganizationalUnitsForParent",
                "organizations:ListAccounts"
            ],
            "Resource": "*"
        }
    ]
}

Monitor Dynamic IP Addresses

Sending Events to AWS

You can also send events from Halo Security to AWS, using the instruction below: