Contains scripts and instructions to configure your JupiterOne AWS integration.

You can set up the necessary AWS IAM role for JupiterOne using one of the following methods:

Just click this button to launch a CloudFormation stack for provisioning your JupiterOne AWS integration:

aws cloudformation create-stack --stack-name JupiterOneIntegration --template-url https://s3.amazonaws.com/lifeomic-prod-us-jupiter-aws-integration/jupiterone-cloudformation.json

From your AWS Management Console, perform the following steps:

1. Go to IAM, select Roles and then Create Role.

2. Select Another AWS account under Select type of trusted entity.

3. Enter the following Account ID: <jupiterone_account_id>

4. Select Require external ID and enter the following External ID: <jupiterone_external_id>

5. Leave Require MFA unchecked and click Next: Permissions.

6. In the Policy search box, search for and select SecurityAudit policy. This is an AWS-managed IAM policy that grants access to read security configurations of the AWS resources.

7. With the SecurityAudit policy select, click Next: Review.

8. Enter JupiterOne as the Role Name, and optionally, enter a description for the Role.

9. Click Create Role.

10. In the list of Roles, search for and select the newly created JupiterOne role, and copy the Role ARN. It should be in a format that looks like arn:aws:iam::<your_aws_account_id>:role/JupiterOne.