AWS Connector

Overview

• About cross-account access

• Role permissions required

• Configure AWS Cross-Account

• Service Mapping

• Support notes

About cross-account access

Cross-account access enables IAM users using one AWS account to access the AWS resources of another AWS account.
If you have several AWS accounts in your organization, it is recommended to use cross-account, instead of configuring several AWS connectors within Vulcan.

Role permissions required

The following is the role permission required for each AWS service. Make sure the required role permissions exist for the services you want to use.

Configure AWS Cross-Account

1. Log in to your Vulcan Cyber dashboard and go to Connectors.

2. Click on Add a Connector.

3. Click on the Orca icon.

   

4. Set up the connector as follows:

   1. Select the AWS Services you want to pull data from.

      About enabling Inspector Classic ("AWS Inspector") and/or Inspector V2:
      - To enable Inspector Classic, check the "AWS Inspector"/"AWS Inspector Classic" option.

      - To enable Inspector V2, check the AWS Security Hub Service.

      

   2. Once you are done with the selection, click “Download Policy”. The downloaded file will be used at a later stage.

5. Generate an ARN file by following the instructions on the AWS connector setup page under AWS Configuration. Note that this step needs to re-occur in each AWS account you want to enable access to.

   

6. Upload the ARN file containing the account information in a CSV file.

   

7. Select Regions - For each account, the connector will try to pull data for all selected regions. 

   

8. Security Hub Products - Choose the products you want to display on the Vulcan Platform. You can change the configurations at any time. This is also where you can enable the Inspector V2 service.

   
   

9. Click "Create".

Service Mapping

Support notes

Vulcan supports Inspector findings for EC2 items only (Inspector findings for ECR items are not supported).