Create an AWS User with Minimal Permissions for the Cisco Secure Dynamic Attributes Connector
This task discusses how to set up a service account with minimum permissions to send dynamic attributes to Security Cloud Control. For a list of these attributes, see Amazon Web Services Connector—About User Permissions and Imported Data.
Before you begin
You must already have set up your Amazon Web Services (AWS) account. For more information about doing that, see this article in the AWS documentation.
Procedure
Step 1 | Log in to the AWS console as a user with the admin role. | ||
Step 2 | From the Dashboard, click . | ||
Step 3 | Click . | ||
Step 4 | Click Add Users. | ||
Step 5 | In the User Name field, enter a name to identify the user. | ||
Step 6 | Click Access Key - Programmatic Access. | ||
Step 7 | At the Set permissions page, click Next without granting the user access to anything; you'll do this later. | ||
Step 8 | Add tags to the user if desired. | ||
Step 9 | Click Create User. | ||
Step 10 | Click Download .csv to download the user's key to your computer.
| ||
Step 11 | Click Close. | ||
Step 12 | At the Identity and Access Management (IAM) page in the left column, click . | ||
Step 13 | Click Create Policy. | ||
Step 14 | On the Create Policy page, click JSON. | ||
Step 15 | Enter the following policy in the field:
| ||
Step 16 | Click Next. | ||
Step 17 | Click Review. | ||
Step 18 | On the Review Policy page, enter the requested information and click Create Policy. | ||
Step 19 | On the Policies page, enter all or part of the policy name in the search field and press Enter. | ||
Step 20 | Click the policy you just created. | ||
Step 21 | Click . | ||
Step 22 | If necessary, enter all or part of the user name in the search field and press Enter. | ||
Step 23 | Click Attach Policy. |