Views:

 

  1. Login to your AWS Primary Account.
    1. Go to Amazon Web Services.
    2. Sign in using the AWS Primary Account.
  2. Configure an IAM policy.
    1. In the Amazon Web Services Console, go to the IAM service.
    2. In the left navigation pane, click Policies.
    3. If this is your first time on this page, you'll need to click Get Started.
    4. Click Create policy.
    5. Select the JSON tab.
    6. Copy the following JSON code into the text box: 
      {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "cloudconnector",
"Action": [
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVpcs",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeSecurityGroups",
"workspaces:DescribeWorkspaces",
"workspaces:DescribeWorkspaceDirectories",
"workspaces:DescribeWorkspaceBundles",
"workspaces:DescribeTags",
"iam:ListAccountAliases",
"iam:GetRole",
"iam:GetRolePolicy",
"sts:AssumeRole"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
  3. Create an IAM user with an access key ID and secret.
    1. Go to the IAM service > Users > Add user.
    2. Enter a user name. Example: Deep_Security_IAM_User.
    3. For Access type, select Programmatic access.
    4. Click Next > Permissions and then click the Attach existing policies directly box.
    5. Find the IAM policy you just created and select the check box next to it.
    6. Click Next > Review > Create user. Your access key ID and secret access key are shown in the table.
    7. Copy the access key ID and secret access key to a safe location. You'll need them later.
  4. Add the access key to the manager.
    1. Log in to Deep Security Manager and click Administration at the top.
    2. Click System Setting on the left, then click the Advanced tab in the main pane.
    3. Scroll to the bottom and look for the Manager AWS Identity heading.
    4. Next to Access Key - The Access Key of an AWS User used for the manager identity, enter the access key of the IAM user you created previously.
    5. Next to Secret Key - The Secret Access Key of an AWS User used for the manager identity, enter the secret key of the IAM user that you created previously.
    6. Click Save.
  5. Add your AWS Primary Account and its access key to the manager.
    1. Login to the Deep Security manager console.
    2. Click Computers > Add > Add AWS Account.
    3. Select Use AWS Access Keys.
    4. Enter your AWS Primary Account's IAM user Access Key ID and Secret Access Key that you created previously.
    5. If your AWS Primary Account includes Amazon WorkSpaces, select Include Amazon WorkSpaces to include them with your Amazon EC2 instances. By enabling the check box, you ensure that your Amazon WorkSpaces appear in the correct location in the tree structure in Deep Security Manager and are billed at the correct rate.
    6. Your AWS Primary Account's Amazon EC2 instances and Amazon WorkSpaces are loaded.
    7. After completing the above tasks, proceed to Install the agent on your Amazon EC2 and WorkSpace instances if you have not done so already.
      Reference: https://help.deepsecurity.trendmicro.com/20_0/on-premise/aws-add-access-keys.html
Keywords: Deep Security Agent username display,DSA visibility management,User information in DSA,Displaying user information in DSA,Deep Security Agent deployment management