Contains scripts and instructions to configure your JupiterOne AWS integration.
You can set up the necessary AWS IAM role for JupiterOne using one of the following methods:
Just click this button to launch a CloudFormation stack for provisioning your JupiterOne AWS integration:
aws cloudformation create-stack --stack-name JupiterOneIntegration --template-url https://s3.amazonaws.com/lifeomic-prod-us-jupiter-aws-integration/jupiterone-cloudformation.json
From your AWS Management Console, perform the following steps:
- Go to IAM, select Roles and then Create Role.
- Select Another AWS account under Select type of trusted entity.
- Enter the following Account ID: <jupiterone_account_id>
- Select Require external ID and enter the following External ID: <jupiterone_external_id>
- Leave Require MFA unchecked and click Next: Permissions.
- In the Policy search box, search for and select the SecurityAudit policy. This is an AWS-managed IAM policy that grants read access to the security configurations of AWS resources.
- With the SecurityAudit policy selected, click Next: Review.
- Enter JupiterOne as the Role Name, and optionally, enter a description for the Role.
- Click Create Role.
- In the list of Roles, search for and select the newly created JupiterOne role, and copy the Role ARN. It should be in a format that looks like arn:aws:iam::<your_aws_account_id>:role/JupiterOne.
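The console steps above can also be done with the AWS CLI. The following is an added example, not one of the scripts shipped with this integration: it writes out the trust policy that the "Another AWS account" and "Require external ID" choices produce, then creates the role and attaches SecurityAudit. The script name setup.sh, the function names and the role description are assumptions; the two arguments stand in for the <jupiterone_account_id> and <jupiterone_external_id> placeholders.

```shell
#!/bin/sh
# Added example: CLI equivalent of the console steps above.
# Arguments stand in for the page's <jupiterone_account_id> and
# <jupiterone_external_id> placeholders.

# Print the trust policy the console wizard generates for
# "Another AWS account" + "Require external ID" (no MFA condition).
trust_policy() {
  acct=$1 ext=$2
  # Account IDs are exactly 12 digits.
  case $acct in ''|*[!0-9]*) echo "bad account id" >&2; return 1 ;; esac
  [ "${#acct}" -eq 12 ] || { echo "bad account id" >&2; return 1; }
  # Restrict the external ID to the characters STS accepts, which also
  # keeps quotes and backslashes out of the JSON below.
  case $ext in ''|*[!A-Za-z0-9+=,.@:/_-]*) echo "bad external id" >&2; return 1 ;; esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::${acct}:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "${ext}"}}
  }]
}
EOF
}

# Create the role, attach the AWS-managed SecurityAudit policy, print the ARN.
create_jupiterone_role() {
  policy=$(trust_policy "$1" "$2") || return 1
  aws iam create-role --role-name JupiterOne \
    --description "Read-only role assumed by JupiterOne" \
    --assume-role-policy-document "$policy" >/dev/null || return 1
  aws iam attach-role-policy --role-name JupiterOne \
    --policy-arn arn:aws:iam::aws:policy/SecurityAudit || return 1
  # Print the Role ARN to copy into JupiterOne.
  aws iam get-role --role-name JupiterOne --query Role.Arn --output text
}

# Only touches AWS when run as: sh setup.sh --apply <account_id> <external_id>
if [ "${1:-}" = "--apply" ]; then
  create_jupiterone_role "$2" "$3"
fi
```

The sts:ExternalId condition is what ties the role to your JupiterOne account, so review the printed policy for it before applying.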