Linking AWS Accounts

How to link your AWS accounts with Scanner

Linking your AWS account involves setting up resources so that Scanner can read your log files, index them, store the index files, and read the index files when you run a query.

AWS resources required

  • A new S3 bucket to store Scanner index files.

  • A new IAM role with these permissions:

    • Read access to S3 buckets containing your logs.

    • Read/write access to the new Scanner index files bucket.

  • A new or existing SNS topic to send s3:ObjectCreated notifications from your S3 log files buckets to the Scanner instance. If your S3 log files are in multiple regions, you will need one SNS topic in each region.
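
An added example (not Scanner's own template or code): a Python sketch that builds an IAM policy matching the two S3 grants listed above and audits any policy for grants whose resource scope goes beyond them. The bucket names are constructed, and the specific S3 action names are assumptions, since this page states only "read" and "read/write".

```python
import fnmatch

# Assumed action names for illustration; the page only says "read" and "read/write".
READ = ["s3:GetObject", "s3:ListBucket"]
WRITE = ["s3:PutObject", "s3:DeleteObject"]

def arns(bucket):
    return [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"]

def build_policy(log_buckets, index_bucket):
    """Read-only on the log buckets, read/write on the index bucket only."""
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "ReadLogs", "Effect": "Allow", "Action": READ,
         "Resource": [a for b in log_buckets for a in arns(b)]},
        {"Sid": "ReadWriteIndex", "Effect": "Allow", "Action": READ + WRITE,
         "Resource": arns(index_bucket)}]}

def as_list(v):
    return v if isinstance(v, list) else [v]

def matches(pattern, names):
    # IAM action names are case-insensitive and may contain * wildcards.
    return any(fnmatch.fnmatchcase(n.lower(), pattern.lower()) for n in names)

def audit_policy(policy, log_buckets, index_bucket):
    """Return (sid, action, resource) for every grant scoped wider than intended."""
    write_ok = arns(index_bucket)
    read_ok = write_ok + [a for b in log_buckets for a in arns(b)]
    findings = []
    for st in as_list(policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        if "NotAction" in st or "NotResource" in st:
            # Negated matching grants everything except a list; flag it outright.
            findings.append((st.get("Sid"), "NotAction/NotResource", "*"))
            continue
        for action in as_list(st["Action"]):
            # Anything that is not purely a known read action must stay on the index bucket.
            read_only = matches(action, READ) and not matches(action, WRITE)
            scope = read_ok if read_only else write_ok
            for res in as_list(st["Resource"]):
                if not any(fnmatch.fnmatchcase(res, ok) for ok in scope):
                    findings.append((st.get("Sid"), action, res))
    return findings
```

The audit checks resource scope only: it flags wildcard buckets and write-capable actions on log buckets, but it is not an allowlist of actions on the index bucket.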

Setting up the resources

You can use AWS CloudShell, CloudFormation, Terraform, or Pulumi to set up the resources in your AWS account. Commands and templates are provided in the following pages.

We recommend CloudShell as the easiest way to get started quickly. Teams usually transition to infra-as-code tools like CloudFormation, Terraform, or Pulumi as their infrastructure decisions stabilize.

Getting started

To link a new AWS account to Scanner, perform the following steps.

  1. Open up Scanner.

  2. Navigate to Settings > AWS Accounts.

  3. Click Link New Account.

  4. Enter the Account ID and Account Name of your AWS account. The Account Name can be anything that allows you to identify it easily in the UI.

  5. Click Continue.

  6. Choose one of the two options:

    1. Manual setup. "Walk me through it." Select this option for a step-by-step guide in AWS CloudShell. Ideal for those who prefer a structured approach or are new to cloud configurations.

    2. Infra-as-code. "I can do it myself." Choose this if you're experienced with AWS and plan to use CloudFormation, Terraform, or Pulumi. Recommended for users who prefer to manage their setup independently.

  7. Follow the remaining steps to finish linking your AWS account to Scanner.
