AWS Integration - Manual Configuration

Integrate Lacework with AWS to analyze CloudTrail activity and configuration compliance. This topic describes how to manually integrate Lacework with AWS.

  1. Log in to the Lacework Console.
  2. Go to Settings > Integrations > Cloud accounts.
  3. Click + Add New.
  4. Click Amazon Web Services and select Manual configuration.
  5. Click Next.
  6. Select an integration type and follow the steps that correspond to the integration type.

AWS Configuration

Ensure you have completed the prerequisites described in AWS Configuration Integration Prerequisites.

  1. For Name, enter a unique name that displays in the Lacework Console.
  2. For Account ID, enter your AWS account identifier or alias.
  3. For External ID, paste the external ID that you created when completing the prerequisites. If the external ID does not comply with the format requirements, click the Refresh icon to generate a new one. Then follow the steps to update the external ID in the AWS console before returning here to finish the integration.
  4. For Role ARN, enter the ARN of the cross-account role that you created when completing the prerequisites. Lacework uses this to access your AWS resources.
  5. Click Save to finish the AWS integration and save your onboarding progress.
    The integration appears in the list of cloud accounts under Cloud accounts.

AWS CloudTrail and Configuration

Ensure you have completed the prerequisites described in AWS CloudTrail Integration Prerequisites.

  1. For Name, enter a unique name that displays in the Lacework Console.
  2. For Account ID, enter your AWS account identifier or alias.
  3. For External ID, paste the external ID that you created when completing the prerequisites. If the external ID does not comply with the format requirements, click the Refresh icon to generate a new one. Then follow the steps to update the external ID in the AWS console before returning here to finish the integration.
  4. For Role ARN, enter the ARN of the cross-account role that you created when completing the prerequisites. Lacework uses this to access your AWS resources.
  5. For SQSQueueURL, enter the Amazon Simple Queue Service (SQS) URL value.
  6. Click Save to finish the AWS integration and save your onboarding progress. The integration appears in the list of cloud accounts under Cloud accounts.
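
Before entering the Account ID, External ID and Role ARN in either form above, the values can be checked against the cross-account role's trust policy. The following is an added example, not Lacework code: the function name, account numbers, role name and external ID are constructed placeholders, and only the `StringEquals` condition operator is inspected.

```python
import json
import re

# arn:<partition>:iam::<12-digit account>:role/<optional path/><role name>
ROLE_ARN_RE = re.compile(r"^arn:(aws|aws-us-gov|aws-cn):iam::(\d{12}):role/[\w+=,.@/-]+$")

def as_list(value):
    """IAM JSON allows a single item wherever a list is accepted."""
    return value if isinstance(value, list) else [value]

def check_integration_inputs(account_id, external_id, role_arn, trust_policy):
    """Return a list of problems; an empty list means the values agree."""
    problems = []
    match = ROLE_ARN_RE.match(role_arn)
    if not match:
        problems.append("Role ARN is not a well-formed IAM role ARN")
    elif re.fullmatch(r"\d{12}", account_id) and match.group(2) != account_id:
        # Only comparable when a numeric ID, not an alias, was entered.
        problems.append("Role ARN is in a different account than Account ID")
    found = False
    for stmt in as_list(trust_policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in as_list(stmt.get("Action", [])):
            continue
        found = True
        # Condition keys are case-insensitive in IAM, so normalise them.
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        allowed = {k.lower(): as_list(v) for k, v in equals.items()}.get("sts:externalid")
        if allowed is None:
            problems.append("AssumeRole statement lacks an sts:ExternalId condition")
        elif external_id not in allowed:
            problems.append("External ID does not match the trust policy")
    if not found:
        problems.append("Trust policy has no Allow statement for sts:AssumeRole")
    return problems

# Constructed sample: account, principal, role name and external ID are placeholders.
SAMPLE_TRUST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow",
                "Principal": {"AWS": "arn:aws:iam::999999999999:root"},
                "Action": "sts:AssumeRole",
                "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}}]}
""")

if __name__ == "__main__":
    print(check_integration_inputs("111122223333", "EXAMPLE-EXTERNAL-ID",
          "arn:aws:iam::111122223333:role/example-cross-account-role", SAMPLE_TRUST_POLICY))
```

A role whose AssumeRole statement has no `sts:ExternalId` condition is reported as a problem, because without it the external ID entered in the form is not enforced on the AWS side.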