AWS v2

You can import new assets directly from your AWS by giving us restricted read access.

Import assets directly from Route53, ElasticIP, and Elastic Load Balancer by integrating with AWS.

If you're connected with AWS, Halo Security can monitor assets with dynamic IP addresses by setting an AWS Instance ID for targets. For more information, see the Scan Configuration page.

Halo Security Setup

  1. In your Halo Security dashboard navigate to Seeds -> Connectors -> Add Connector.

  2. Select AWS v2.

  3. Enter your AWS account information and click Save Changes.

Keep this page open while configuring the AWS permissions.

AWS Setup

  1. In your AWS dashboard navigate to Identity and Access Management (IAM)

  2. Click Roles then Create role

  3. Select AWS account

  4. Select Another AWS account and Require external ID. Add the external ID value found in your connector settings.

  5. Click Next

  6. On Add permissions click Next

  7. Add Role name: HaloSecurity

  8. Add Description: Must remain in place for HaloSecurity to function correctly. Email support@halosecurity.com for assistance.

  9. Click Create role

  10. Select the role you just created: HaloSecurity

  11. Under Add permissions, select Create inline policy

  12. Click JSON and paste the custom policy provided below

  13. Click Next

  14. Add Policy name: HaloSecurity

  15. Click Create Policy

Once you've created the policy, return to the Halo Security dashboard and click Run on the connector to confirm it is working correctly.

Custom Policy JSON

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "HaloSecurity01",
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "elasticloadbalancing:Describe*",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ListResourceRecordSets",
                "route53:ListHostedZonesByName",
                "s3:ListAllMyBuckets",
                "cloudfront:ListDistributions"
            ],
            "Resource": "*"
        }
    ]
}

PreviousAWS v1 (deprecated)NextCloudflare

Last updated