Search…
⌃K
Links

AWS

You can import new assets directly from your AWS by giving us restricted read access.
Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.
If you're connected with AWS, Halo Security is able to monitor assets with dynamic IP addresses by setting an AWS Instance ID for targets. For more information, see the Scan Configuration page.

AWS Setup

Create Policy

  1. 1.
    In your AWS dashboard navigate to Identity and Access Management (IAM)
  2. 2.
    Click Policies then Create policy
  3. 3.
    Click JSON tab
  4. 4.
    Paste the Policy JSON below
  5. 5.
    Click Next: Tags
  6. 6.
    Click Next: Review
  7. 7.
    Enter a name Halo Security-connector-policy
  8. 8.
    Click Create Policy

Create User

  1. 1.
    In your AWS dashboard navigate to 'Identity and Access Management (IAM)'
  2. 2.
    Click Users then Add user
  3. 3.
    Enter a username Halo Security-connector
  4. 4.
    Check access type Programmatic access
  5. 5.
    Select Attach existing policies directly
  6. 6.
    Search for Halo Security-connector-policy and check the row.
  7. 7.
    Click Next: Tags
  8. 8.
    Click Next: Review
  9. 9.
    Click Create user
  10. 10.
    Save your Access key ID and Secret access key

Custom Policy JSON

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Halo Security01",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"elasticloadbalancing:Describe*",
"route53:GetHostedZone",
"route53:ListHostedZones",
"route53:ListResourceRecordSets",
"route53:ListHostedZonesByName",
"cloudfront:ListDistributions"
],
"Resource": "*"
}
]
}

Connect AWS to Halo Security

  1. 1.
    In your Halo Security dashboard navigate to the Asset Import Connector section.
  2. 2.
    Click Add
  3. 3.
    Select "AWS".
  4. 4.
    Enter your Access key ID and Secret access key
  5. 5.
    Select any other options
  6. 6.
    Click Save