AWS Key-Based Authentication


Overview


This documentation provides instructions for adding a new AWS user and setting up key-based authentication between ZenGRC and AWS.

Creating an Identity Access Management User in AWS


The first step in the connection is to create a configured Identity Access Management (IAM) user. To set up this user, log into your organization's AWS site, and complete the following steps:

  1. Open the IAM Console.
  2. Click Users.
  3. Click Add user.
  4. Under "Set user details," enter a name in the User name box.
  5. Under "Select AWS access type," select the Programmatic access box.



  6. Click Next: Permissions.

  7. Select the Attach existing policies directly box.



  8. Click Create Policy. This opens a new window or tab in your browser. Steps and code needed for the policy can be found in the next documentation sections.

Creating a Policy


Policy creation is a continuation of the steps documented above for adding a user. You'll need to copy the code on the Code for Your Amazon Web Services Policy page and use it to populate the policy.

To create a policy, complete the following steps:

  1. Select the JSON tab.



  2. Paste the code from Code for Your Amazon Web Services Policy.
  3. Click Review Policy.

  4. Name the policy with an apt description, such as "ZenGRCAWSIntegrationPolicy."



  5. Click Create Policy. A successful submission refreshes the Policy page with a message at page top.



  6. Close this browser window and return to the Create user page.
  7. Refresh the list of policies and select the check box beside the policy you just created.



    TIP

    Use the search functionality to reduce the number of policies that display.

  8. Click Next: Tags.



  9. The Tags page is an optional step you can bypass by clicking Next: Review.
  10. On the Review page, check the data to ensure everything is correct.

  11. Click Create User.
  12. Copy the Access key ID and Secret access key displayed on the success page.



  13. Click Close.
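
Before pasting policy JSON in step 2 of the policy procedure above, you can check that it grants only read access. The following is an added example, not ZenGRC or AWS code: `review_policy`, the read-verb list and both sample policies are constructed for illustration, and the check assumes an evidence-collection integration only needs `Get`, `List` and `Describe` actions.

```python
import json

# Assumption: an evidence-collection integration only reads data, so any
# action verb outside these prefixes is reported as a finding.
READ_PREFIXES = ("get", "list", "describe")

def _as_list(value):
    """IAM accepts either a single string or a list for Action."""
    return [value] if isinstance(value, str) else list(value or [])

def review_policy(policy_json):
    """Return findings for Allow statements that grant more than read access."""
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append(f"statement {i}: NotAction allows everything not listed")
        for action in _as_list(stmt.get("Action")):
            verb = action.partition(":")[2]
            if action == "*" or verb == "*":
                findings.append(f"statement {i}: wildcard action {action!r}")
            elif not verb.lower().startswith(READ_PREFIXES):  # IAM actions are case-insensitive
                findings.append(f"statement {i}: non-read action {action!r}")
    return findings

# Constructed sample policies (not the vendor's policy).
READ_ONLY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["iam:ListUsers", "s3:GetBucketEncryption", "ec2:Describe*"],
                   "Resource": "*"}],
})
TOO_BROAD = json.dumps({
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow",
                  "Action": ["s3:*", "iam:CreateAccessKey"],
                  "Resource": "*"},
})

if __name__ == "__main__":
    for name, doc in (("READ_ONLY", READ_ONLY), ("TOO_BROAD", TOO_BROAD)):
        print(name, review_policy(doc) or "no findings")
```

An empty result means every allowed action starts with a read verb; it does not judge whether the readable data itself is sensitive.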


Accessing AWS and Finishing the Connection


After creating an IAM user in your AWS account, open your ZenGRC instance and access the AWS connector. 

NOTE

To access connectors, please see Introduction to ZenConnect.

To establish the connection between AWS and your ZenGRC instance, complete the following steps:

  1. Enter your Access key ID in the AWS Access Key ID text box.
  2. Enter your Secret access key in the AWS Secret Access Key text box.
  3. Change the default region if necessary.
  4. Click Next.



  5. A notification displays letting you know if the credentials are successful.

Adding Evidence Fetchers to Controls and Requests


After a fetcher pulls data into ZenGRC, the information must be attached and mapped to a control. Then it can be added to a request. For more information, please see Working with Fetchers, Controls, and Requests.


© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com