You can skip all these steps and use the URL in Step 1. Once your AWS IAM window opens up, click the next three times and review the role configured (this page will show the trusted entities and policies associated with this account that are described below). The tutorial below walks you through the manual step by step process on how to connect your AWS account to the ByteChek platform.

Step 1:

  1. ByteChek Quick AWS IAM Role URL (in the platform, you can click this link to open up your IAM console)

  2. Navigate to IAM in the AWS Management Console and select roles in the left-hand menu bar.

  3. Select “Create Role”

  4. Select Another AWS Account

Step 2:

  1. The Account ID required here will be the ByteChek AWS account ID provided to your team during the onboarding process and listed above at the top of this window.

  2. Select “Require external ID” and leave “Require MFA blank”

  3. In the external ID field, input the unique identifier provided by the ByteChek platform listed above at the top of this window and click next:

Step 3:

a. Under “filter policies”, choose AWS Managed-Job Function and select “SecurityAudit”

b. Next, in the search bar type “AWSSupportAccess” and select that AWS managed policy. This policy allows our platform to read the status of key Security and Availability Trusted Advisor Checks within your account.

c. Click next.

d. Skip the tags page unless your organization is using an AWS tagging strategy to manage resources. Learn more about tagging here.

Step 4:

a. Name the role and add a description and click create role:

Tip: Ensure both the Security Audit and AWSSupportAccess policies are listed on this screen.

b. Copy the ARN

c. Paste into your ByteChek platform and click connect.

Grab a cookie 🍪

Did this answer your question?