AWS Integration
This document describes how to integrate the Rezonate product with AWS, which provides IAM observability to users, groups, channels, and configurations as well as detection of different security ris
This document describes the integration process for an AWS account to the Rezonate Platform, in a single-click deployment.
The integration will create a read-only role in the AWS account, allowing Rezonate to collect logs, identify identities, and access configuration.
Deployment Instructions
Deploying Rezonate to a Single Account (CloudFormation Stack)
please log in to the target account, and then click on the following link. https://eu-central-1.console.aws.amazon.com/cloudformation/home?region=eu-central-1#/stacks/create/review?templateURL=https://public-access-rezonate-cloudformation.s3.eu-central-1.amazonaws.com/rezon-readonly-role.txt&stackName=RezonateIntegration
In the external id field, please write the value provided to you by the Rezonate team, or alternatively put any random string (8 chars or longer)
Tick the relevant checkboxes and click the Create stack button.
Wait for the deployment to finish (Takes approx. 1-2 minutes), click the outputs tab and copy the created role ARN.
Please share back with the Rezonate team the following:
The created role ARN
The external ID that was used.
Deploying Rezonate to a multi-account (CloudFormation StackSet)
Please login to the Master account (or to the account used for Deployments) and browse to the following link - https://eu-central-1.console.aws.amazon.com/cloudformation/home?#/stacksets/create
In the Specify Template, please paste the following URL https://public-access-rezonate-cloudformation.s3.eu-central-1.amazonaws.com/rezon-readonly-role.txt And Click the next button.
Select your own Stackset Name and in the ExternalId,
please write the value provided to you by the Rezonate team, or alternatively put any random string (8 chars or longer) Click Next.
Configure your deployment settings based on your regular preferences (or click next).
Select your preferred scope, and region and click next. (You can also modify deployment settings based on your preferences)
Click next, and in the final step scroll to the bottom, tick the box, and click submit.
Wait for deployment to succeed.
bring back the selected external ID, The prefix (if changed), and the account numbers (if deployed to the entire organization then the Master account id is good enough )
Locating your Account ID, Role Name and ExternalId
Your Account ID can be easly located on the top right corner of the screen. If you integrated your entire organization, you need to provides the master-account ID.
The External ID is the input you selected during the creation of the stackset.
The Role name can be found by clicking on the StackSet menu item and selecting your stack.
In the inner screen (picture attached) , select Parameters
In the Parameters View, you will find the Prefix that was selected for the created role

Concat the Word RoRole to the prefix. For example if your prefix is Rezon then the role name would be RezonRoRole.
Last updated