Connect AWS Account to Multicloud Defense Controller from CDO Dashboard

Before you begin

You must have requested a Multicloud Defense Controller for your CDO tenant before you begin.

Procedure


Step 1

From the CDO dashboard, click Multicloud Defense in the CDO menu bar.

Step 2

Click the Add Accounts button.

Step 3

On the Connect a Cloud Account page, click the Amazon Web Services (AWS) tile.

Step 4

In the CloudFormation Template section, follow these steps:

  1. Click Launch Stack.

    This opens the AWS CloudFormation template in AWS.
  2. Acknowledge that AWS CloudFormation might create IAM resources with custom names.

    Multicloud Defense copies the controller IAM role ARN from the CloudFormation stack output for you.
  3. Click Next.

Step 5

In the Account Information section, fill in these values:

  1. Account Number: Enter the AWS account number of the account you wish to secure. This number can be found in the output value CurrentAccount of the CloudFormation Template.

  2. Account Name: Enter the name you want to give your account once it has been onboarded.

  3. (Optional) Description: Enter an account description.

Step 6

In the Roles section, the following fields are completed for you:

  1. External ID: A random string for the IAM role's trust policy. This value is used in the controller IAM role that is created.

    You can regenerate the External ID by clicking the regenerate key.

  2. Controller IAM Role: This is the IAM role created for the Multicloud Defense Controller during CloudFormation Template (CFT) deployment. Look for the output value MCDControllerRoleArn in the CFT stack. It should be something similar to this: arn:aws:iam::<Acc Number>:role/valtixcontrollerrole.

  3. Inventory Monitor Role: This is the IAM role created for Multicloud Defense Inventory during CFT deployment. Look for the output value MCDInventoryRoleArn in the CFT stack. It should be something similar to this: arn:aws:iam::<Acc Number>:role/valtixinventoryrole.

Step 7

Click Done.

You are returned to the Multicloud Defense dashboard, where you will see that you have a new AWS cloud account recorded.

What to do next

Enable traffic visibility.