The following instructions will guide your organization in setting up and configuring multiple AWS accounts for Dash compliance monitoring. Teams will have to provide permissions via Dash and CloudFormation to allow Dash to scan secondary AWS accounts.
What Will You Need?
- AWS User With Administrator Permissions – (the CloudFormation template creates resources that require a higher permission set)
- The Latest Dash ComplyOps CloudFormation Template
- Existing Dash ComplyOps Platform in your AWS account
- About 5 minutes of time
Instructions
- In the Dash ComplyOps, navigate to Settings→ AWS Account Settings
- The page should look like this:
3. Click the ‘Setup’ button in the bottom righthand corner of the image. This will take you to AWS where you will grant Dash permission to scan this environment.
4. In the new browser tab that just opened, please enter the password for the selected account
5. After logging it, you will be redirected to the CloudFormation setup page. It has already preloaded with the correct CloudFormation template, using an S3 url.
6. Click the ‘Next‘ button.
7. On the subsequent page, click the ‘Next’ button again. There is nothing to change on this screen.
8. On this page, you must select the checkbox, “I acknowledge that AWS CloudFormation might create IAM resources with custom names“.
Now click “Create“
9. The CloudFormation template is now under way. Please wait 1-3 mins until the CloudFormation template completes successfully.
10. Now you can navigate back to the Dash Compliance center. Please press ‘Refresh AWS Environments’. After waiting a few seconds, you will now see that the environment if now validated. This means that scans are being ran on this environment.
You can always contact us if there are issues setting up permissions.