Connecting and updating AWS accounts | Trend Micro Service Central

Views:

Add your AWS accounts and organizations or update imported legacy connections.

Important

Some connection methods have limited support for Trend Vision One features. Review each connection method see which best suits your cloud environment and security needs.

Cloud Accounts supports connecting AWS accounts individually or as part of an AWS Organization.

If you updated a Trend Cloud One Workload Security product to Server & Workload Protection, the connected AWS accounts are automatically added to Cloud Accounts. Update your AWS connections to enable the additional cloud security features Trend Vision One provides.

Before you begin, ensure you have access to a sign-in or user role with administrator privileges for the cloud account you wish to connect. Sign into the account on a separate tab in the same browser instance as the Trend Vision One console.

To connect AWS accounts individually, refer to the following topics to find the method that best suits your environment:
- To use a stack template to automate the conneciton process, see Adding an AWS account using CloudFormation.
- To use a terraform script with AWS CloudShell, see Adding an AWS account using Terraform.
- To connect from AWS, see Using QuickLaunch to add an AWS account.
- To use alternative methods or connect manually, see Connecting AWS Accounts Using APIs.
To connect an AWS Control Tower account for log monitoring, refer to the following topics:
- To configure your CloudTrail settings, see CloudTrail configuration.
- To connect an AWS Log Archive account with Control Tower, see Adding an AWS account with CloudTrail and Control Tower.
- To connect an AWS Control Tower Audit account, see Adding an AWS Control Tower audit account with CloudTrail.

To add accounts managed by an AWS organization, see Adding AWS Organizations.

Important

Adding an AWS organization forces accounts managed by that organization to apply the same settings configured for the entire organization. Settings cannot be modified for individual accounts added as part of an organization.

To apply different configurations to individual accounts managed by an AWS organization, you must add those accounts separately. Either add the accounts before adding your AWS organization, or use the OrganizationExcludedAccounts parameter to exclude those accounts from the stack deployment.

To update a legacy connection added by Cloud Posture and Server & Workload Protection, see Updating a legacy AWS connection.