AWS Integration

This document describes how to integrate the Rezonate product with AWS, which provides IAM observability to users, groups, channels, and configurations as well as detection of different security ris

This document describes the integration process for an AWS account to the Rezonate Platform, in a single-click deployment.

The integration will create a read-only role in the AWS account, allowing Rezonate to collect logs, identify identities, and access configuration.

Deployment Instructions

Deploying Rezonate to a Single Account (CloudFormation Stack)

  1. please log in to the target account, and then click on the following link. https://eu-central-1.console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://public-access-rezonate-cloudformation.s3.eu-central-1.amazonaws.com/rezon-readonly-role.txt&stackName=RezonateIntegration

  2. In the external id field, please write the value provided to you by the Rezonate team, or alternatively put any random string (8 chars or longer)

  3. Tick the relevant checkboxes and click the Create stack button.

  4. Wait for the deployment to finish (Takes approx. 1-2 minutes), click the outputs tab and copy the created role ARN.

  5. Please share back with the Rezonate team the following:

    1. The created role ARN

    2. The external ID that was used.

Deploying Rezonate to a multi-account (CloudFormation StackSet)

  1. Please login to the Master account (or to the account used for Deployments) and browse to the following link - https://eu-central-1.console.aws.amazon.com/cloudformation/home?#/stacksets/create

  2. In the Specify Template, please paste the following URL https://public-access-rezonate-cloudformation.s3.eu-central-1.amazonaws.com/rezon-readonly-role.txt And Click the next button.

  3. Select your own Stackset Name and in the ExternalId,

  4. please write the value provided to you by the Rezonate team, or alternatively put any random string (8 chars or longer) Click Next.

  5. Configure your deployment settings based on your regular preferences (or click next).

  6. Select your preferred scope, and region and click next. (You can also modify deployment settings based on your preferences)

  7. Click next, and in the final step scroll to the bottom, tick the box, and click submit.

  8. Wait for deployment to succeed.

  9. bring back the selected external ID, The prefix (if changed), and the account numbers (if deployed to the entire organization then the Master account id is good enough )

Locating your Account ID, Role Name and ExternalId

  1. Your Account ID can be easly located on the top right corner of the screen. If you integrated your entire organization, you need to provides the master-account ID.

  2. The External ID is the input you selected during the creation of the stackset.

  3. The Role name can be found by clicking on the StackSet menu item and selecting your stack.

  4. In the inner screen (picture attached) , select Parameters

  5. In the Parameters View, you will find the Prefix that was selected for the created role

  1. Concat the Word RoRole to the prefix. For example if your prefix is Rezon then the role name would be RezonRoRole.

PreviousGitHub Enterprise ExpansionNextAWS - Required Privileges

Last updated