To attach an Amazon account to Detect, you will need:
- The Prelude Dashboard / UI (US1 | EU1) or Prelude CLI
- Amazon Console access and permissions to grant IAM roles/permissions
IAM Role setup
1. Sign in to AWS IAM Management Console
Go to the AWS Identity and Access Management (IAM) Console:
🔗 IAM Console
2. Create or Use an IAM User
If You Have an IAM User:
- In the left menu, click Users.
- Select your IAM user.
If You Need to Create a New IAM User:
- Click Add users.
- Enter a username.
- Select Access key - Programmatic access.
3. Attach Permissions
- Click Attach policies directly.
- Perms needed:
- Ec2 integration needs only AmazonEC2ReadOnlyAccess
- Click Next and Create user.
4. Generate and Download the Access Key
- Go to the Security credentials tab of your user.
- Click Create access key.
- Select Application running outside AWS or another option that fits your use case.
- Click Create access key.
Download the .csv file containing the Access Key ID and Secret Access Key. ⚠️ This is the only time you can see the secret key!
Within the Prelude SCM Console, navigate to integrations
- Click on +Connect for Amazon EC2 Device Discovery
- Enter:
- Custom name for the connection (optional)
- Amazon Account ID
- Access Key
- Secret Key
- Click Connect
