Preparing AWS integration for compliance

In this article:

Connecting your AWS account with SecurityScorecard allows  you to see whether your Cloud configuration is following best practices and adhering to compliance frameworks.

This guide outlines the necessary steps to integrate SecurityScorecard with Amazon Web Services (AWS). One of the prerequisites for successful integration is obtaining the AWS credentials: Secret Access Key and Access Key ID. Prerequisites

You'll need the following:

• An active SecurityScorecard account with administrative access
• An active AWS account with administrative permissions

Preparing your AWS account

• Log in to your AWS Management Console.
• Navigate to "IAM" (Identity and Access Management) from the services list.
• Choose "Users" from the navigation pane, and then choose "Add user."
• Enter a user name (e.g., SecurityScorecardUser).
• In the "Select AWS access type," enable "Programmatic access" to generate an access key ID and secret access key.

Set AWS Permissions for SecurityScorecard

• On the permissions page, select "Attach existing policies directly."
• Search for and attach the required policy. You will need to grant the ReadOnlyAccess policy to your user or role.
• Click "Next: Tags" and optionally add tags.
• Click "Next: Review" and verify the details.
• Click "Create user."

Storing your Access Key ID and Secret Access Key

After you click "Create user," you'll be directed to the "Success" page. Here, you'll find the "Access Key ID" and "Secret Access Key."

• Click "Download .csv" to download these credentials.

Configuring SecurityScorecard

• Sign in to your SecurityScorecard dashboard.
• Navigate to "Marketplace" and choose "AWS."
• Input the "Access Key ID" and "Secret Access Key" that you just generated.
• Click "Save." .

Get help

If you need help or have questions, submit a support request.