{"id":25,"date":"2026-01-31T21:20:56","date_gmt":"2026-01-31T21:20:56","guid":{"rendered":"https:\/\/sysdig.tonelloandco.com\/?page_id=25"},"modified":"2026-01-31T21:23:25","modified_gmt":"2026-01-31T21:23:25","slug":"cloud-onboarding","status":"publish","type":"page","link":"https:\/\/sysdig.tonelloandco.com\/index.php\/cloud-onboarding\/","title":{"rendered":"Cloud Onboarding"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">This topic describes how to connect your AWS, Azure, GCP and OCI environments to Sysdig Secure. Click a tab below to select the platform you want to set up. You can connect Single Accounts or entire Organization Accounts using Terraform or CloudFormation.<\/p>\n\n\n\n<div class=\"wp-block-gutena-tabs gutena-tabs-block gutena-tabs-block-76e93f-78\"><ul class=\"gutena-tabs-tab tab-left\"><li class=\"gutena-tab-title active\" data-tab=\"1\"><div class=\"gutena-tab-title-content icon-left\"><div class=\"gutena-tab-title-text\"><div>AWS<\/div><\/div><\/div><\/li><li class=\"gutena-tab-title inactive\" data-tab=\"2\"><div class=\"gutena-tab-title-content icon-left\"><div class=\"gutena-tab-title-text\"><div>Azure<\/div><\/div><\/div><\/li><li class=\"gutena-tab-title inactive\" data-tab=\"3\"><div class=\"gutena-tab-title-content icon-left\"><div class=\"gutena-tab-title-text\"><div>GCP<\/div><\/div><\/div><\/li><li class=\"gutena-tab-title inactive\" data-tab=\"4\"><div class=\"gutena-tab-title-content icon-left\"><div class=\"gutena-tab-title-text\"><div>OCI<\/div><\/div><\/div><\/li><\/ul><div class=\"gutena-tabs-content is-layout-flow wp-block-gutena-tabs-is-layout-flow\">\n<div class=\"wp-block-gutena-tab gutena-tab-block gutena-tab-block-53b6f7-f9 active\" data-tab=\"1\">\n<h1 class=\"wp-block-heading\" id=\"aws\">AWS<\/h1>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"1-prerequisites\"><span class=\"ez-toc-section\" id=\"%e2%80%8b1_prerequisites\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#1-prerequisites\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#1-prerequisites\"><\/a>1. Prerequisites<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A\u00a0<strong>Sysdig Secure administrator<\/strong>\u00a0account.<\/li>\n\n\n\n<li>An\u00a0<strong>AWS user or role<\/strong>\u00a0with permission to install\u00a0<a href=\"https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/id.html\" target=\"_blank\" rel=\"noreferrer noopener\">IAM policies<\/a>, as shown in the table below.<\/li>\n\n\n\n<li>A local workstation with\u00a0<strong>Terraform v1.5+<\/strong>\u00a0installed or access to\u00a0<strong>CloudFormation<\/strong>.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Click to Learn More About Using Terraform and AWS CLI<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click to Learn More About IAM Permissions<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\"><\/th><th class=\"has-text-align-left\" data-align=\"left\"><\/th><\/tr><\/thead><tbody><tr><td><a href=\"https:\/\/docs.aws.amazon.com\/aws-managed-policy\/latest\/reference\/IAMFullAccess.html\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/td><td><\/td><\/tr><tr><td><a href=\"https:\/\/docs.aws.amazon.com\/aws-managed-policy\/latest\/reference\/AWSOrganizationsReadOnlyAccess.html\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/td><td><\/td><\/tr><tr><td><a href=\"https:\/\/docs.aws.amazon.com\/aws-managed-policy\/latest\/reference\/AWSCloudFormationFullAccess.html\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/td><td><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"2-collect-your-account-details\"><span class=\"ez-toc-section\" id=\"%e2%80%8b2_collect_your_account_details\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#2-collect-your-account-details\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#2-collect-your-account-details\"><\/a>2. Collect Your Account Details<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/mintcdn.com\/tonelloandco\/PaK7GlD8viOsksOJ\/images\/aws_account_id_small.png?fit=max&amp;auto=format&amp;n=PaK7GlD8viOsksOJ&amp;q=85&amp;s=5b8af3e352701b0740a95d3752223983\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sign in to the\u00a0<strong>AWS Console<\/strong>. For an\u00a0<strong>Organization<\/strong>, ensure you sign in to your organization\u2019s management account.<\/li>\n\n\n\n<li>Expand the dropdown in the top right corner of the\u00a0<strong>AWS Console<\/strong>\u00a0and copy your\u00a0<strong>Account ID<\/strong>.You can also get your AWS AccountID by using this command via AWS CLI or the AWS Console terminal:<code>aws sts get-caller-identity \\ --query Account \\ --output text<\/code><\/li>\n\n\n\n<li><em>Optional Organization Unit IDs.<\/em>\u00a0By default, your entire AWS Organization will be onboarded. If you want to restrict onboarding to a subset of your Organization, you can gather specific OUIDs now and enter them in the following steps.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"3-connect-with-terraform\"><span class=\"ez-toc-section\" id=\"%e2%80%8b3_connect_with_terraform\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#3-connect-with-terraform\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#3-connect-with-terraform\"><\/a>3. Connect with Terraform<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/mintcdn.com\/tonelloandco\/PaK7GlD8viOsksOJ\/images\/wizard.png?fit=max&amp;auto=format&amp;n=PaK7GlD8viOsksOJ&amp;q=85&amp;s=9498f4db103f7941e0adab318418ee22\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">1<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Log in<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Log in to&nbsp;<strong>Sysdig Secure<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click Integrations<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click&nbsp;<strong>Integrations<\/strong>&nbsp;at the bottom of the main left-hand navigation menu, and choose&nbsp;<strong>AWS Cloud Accounts<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Choose account type<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Choose whether to connect an AWS&nbsp;<strong>Organization<\/strong>&nbsp;or a&nbsp;<strong>Single Account<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">4<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enter IDs and region<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For&nbsp;<strong>Organization<\/strong>&nbsp;accounts, In Step 2, enter your&nbsp;<strong>AWS management Account ID<\/strong>&nbsp;and select your&nbsp;<strong>Primary Region<\/strong>. For&nbsp;<strong>Single Accounts<\/strong>, enter only your&nbsp;<strong>AWS Account ID<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">5<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enter OUIDs<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In Step 3, you can onboard a subset of your Organization Accounts by entering the OUIDs in a comma-separated list. Leave the field blank to onboard your entire Organization.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">6<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Generate Terraform file<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In Step 4, click the&nbsp;<strong>Next<\/strong>&nbsp;button to generate a&nbsp;<code>main.tf<\/code>&nbsp;file to use with Terraform. Copy its contents and paste them into a new file, or download the file to an empty folder on your workstation, such as&nbsp;<code>\/home\/user\/sysdig_onboarding<\/code>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">7<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Execute Terraform<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>On your\u00a0<strong>workstation<\/strong>, navigate using the CLI to the folder containing your main.tf file and execute the following commands:<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>$ cd \/home\/user\/sysdig_onboarding   # Your main.tf file location\n$ terraform init &amp;&amp; terraform apply\n<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">8<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Complete Onboarding<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>When Terraform completes, click the\u00a0<strong>Complete Onboarding<\/strong>\u00a0button in the Sysdig Secure dashboard. Your newly added account will appear in the\u00a0<strong>Cloud Accounts<\/strong>\u00a0page.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"4-connect-with-cloudformation\"><span class=\"ez-toc-section\" id=\"%e2%80%8b4_connect_with_cloudformation\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#4-connect-with-cloudformation\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#4-connect-with-cloudformation\"><\/a>4. Connect with CloudFormation<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Log in to\u00a0<strong>Sysdig Secure<\/strong>.<\/li>\n\n\n\n<li>In a separate browser window, log in to your\u00a0<strong>AWS Account<\/strong>. For Organization installs, be sure to log into your Organization\u2019s Management Account.<\/li>\n\n\n\n<li>For\u00a0<strong>Organization<\/strong>\u00a0accounts, in Step 2, enter your\u00a0<strong>AWS management account ID<\/strong>\u00a0and your OUID(s). For a\u00a0<strong>Single Account<\/strong>, enter only your\u00a0<strong>AWS Account ID<\/strong>.<\/li>\n\n\n\n<li>In Step 3, click the\u00a0<strong>Launch Stack<\/strong>\u00a0button. This will shift you to an\u00a0<strong>AWS console<\/strong>\u00a0browser window. Follow any prompts in AWS to deploy the required resources, and be sure to check the Acknowledgements in the AWS Capabilities section.<\/li>\n\n\n\n<li>When CloudFormation completes, click the\u00a0<strong>Complete Onboarding<\/strong>\u00a0button in the Sysdig dashboard. Your newly added account will appear in the Cloud Accounts page.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"5-check-the-connection\"><span class=\"ez-toc-section\" id=\"%e2%80%8b5_check_the_connection\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#5-check-the-connection\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#5-check-the-connection\"><\/a>5. Check the Connection<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>To validate your AWS connection, navigate to Sysdig Secure\u2019s\u00a0<strong>Integrations<\/strong>\u00a0>\u00a0<strong>Environments<\/strong>\u00a0>\u00a0<strong>AWS<\/strong>.<\/li>\n\n\n\n<li>Click the\u00a0<strong>Added On<\/strong>\u00a0column heading to show the most recently added account on top.<\/li>\n\n\n\n<li>The\u00a0<strong>Status<\/strong>\u00a0column shows the overall connection status:\n<ul class=\"wp-block-list\">\n<li>Connected<\/li>\n\n\n\n<li>Error<\/li>\n\n\n\n<li>Needs Attention<\/li>\n\n\n\n<li>Unknown<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Select the desired AWS account to review the individual services in the detail drawer. There you can view the status of each feature you\u2019ve enabled.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">See an Example of the Health Status for CSPM<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\"><strong><\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong><\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong><\/strong><\/td><td><\/td><\/tr><tr><td><strong><\/strong><\/td><td><\/td><\/tr><tr><td><strong><\/strong><\/td><td><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"further-reading\"><span class=\"ez-toc-section\" id=\"%e2%80%8bfurther_reading\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#further-reading\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#further-reading\"><\/a>Further Reading<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Learn More About Permissions<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"permissions-granted-to-sysdig\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#permissions-granted-to-sysdig\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#permissions-granted-to-sysdig\"><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<ul class=\"wp-block-list\">\n<li><\/li>\n\n\n\n<li><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\n<ul class=\"wp-block-list\">\n<li>\n<ul class=\"wp-block-list\">\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n\n\n\n<li><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Learn More About Identies Shared with Sysdig<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"identities\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#identities\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#identities\"><\/a><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/id.html\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><\/li>\n\n\n\n<li><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/docs.sysdig.com\/en\/sysdig-secure\/connect-aws\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>(Original: https:\/\/docs.sysdig.com\/en\/sysdig-secure\/connect-aws\/)<\/em><\/a><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-gutena-tab gutena-tab-block gutena-tab-block-17d892-1e inactive\" data-tab=\"2\"><\/div>\n\n\n\n<div class=\"wp-block-gutena-tab gutena-tab-block gutena-tab-block-c285bb-50 inactive\" data-tab=\"3\"><\/div>\n\n\n\n<div class=\"wp-block-gutena-tab gutena-tab-block gutena-tab-block-2a340d-e3 inactive\" data-tab=\"4\">\n<h2 class=\"wp-block-heading\" id=\"aws\"><span class=\"ez-toc-section\" id=\"aws\"><\/span>AWS<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"1-prerequisites\"><span class=\"ez-toc-section\" id=\"%e2%80%8b1_prerequisites-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#1-prerequisites\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#1-prerequisites\"><\/a>1. Prerequisites<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A&nbsp;<strong>Sysdig Secure administrator<\/strong>&nbsp;account.<\/li>\n\n\n\n<li>An&nbsp;<strong>AWS user or role<\/strong>&nbsp;with permission to install&nbsp;<a href=\"https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/id.html\" target=\"_blank\" rel=\"noreferrer noopener\">IAM policies<\/a>, as shown in the table below.<\/li>\n\n\n\n<li>A local workstation with&nbsp;<strong>Terraform v1.5+<\/strong>&nbsp;installed or access to&nbsp;<strong>CloudFormation<\/strong>.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Click to Learn More About Using Terraform and AWS CLI<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click to Learn More About IAM Permissions<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"2-collect-your-account-details\"><span class=\"ez-toc-section\" id=\"%e2%80%8b2_collect_your_account_details-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#2-collect-your-account-details\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#2-collect-your-account-details\"><\/a>2. Collect Your Account Details<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/mintcdn.com\/tonelloandco\/PaK7GlD8viOsksOJ\/images\/aws_account_id_small.png?fit=max&amp;auto=format&amp;n=PaK7GlD8viOsksOJ&amp;q=85&amp;s=5b8af3e352701b0740a95d3752223983\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Sign in to the&nbsp;<strong>AWS Console<\/strong>. For an&nbsp;<strong>Organization<\/strong>, ensure you sign in to your organization\u2019s management account.<\/li>\n\n\n\n<li>Expand the dropdown in the top right corner of the&nbsp;<strong>AWS Console<\/strong>&nbsp;and copy your&nbsp;<strong>Account ID<\/strong>.You can also get your AWS AccountID by using this command via AWS CLI or the AWS Console terminal:<code>aws sts get-caller-identity \\ --query Account \\ --output text<\/code><\/li>\n\n\n\n<li><em>Optional Organization Unit IDs.<\/em>&nbsp;By default, your entire AWS Organization will be onboarded. If you want to restrict onboarding to a subset of your Organization, you can gather specific OUIDs now and enter them in the following steps.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"3-connect-with-terraform\"><span class=\"ez-toc-section\" id=\"%e2%80%8b3_connect_with_terraform-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#3-connect-with-terraform\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#3-connect-with-terraform\"><\/a>3. Connect with Terraform<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/mintcdn.com\/tonelloandco\/PaK7GlD8viOsksOJ\/images\/wizard.png?fit=max&amp;auto=format&amp;n=PaK7GlD8viOsksOJ&amp;q=85&amp;s=9498f4db103f7941e0adab318418ee22\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">1<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Log in<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Log in to&nbsp;<strong>Sysdig Secure<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click Integrations<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Click&nbsp;<strong>Integrations<\/strong>&nbsp;at the bottom of the main left-hand navigation menu, and choose&nbsp;<strong>AWS Cloud Accounts<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Choose account type<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Choose whether to connect an AWS&nbsp;<strong>Organization<\/strong>&nbsp;or a&nbsp;<strong>Single Account<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">4<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enter IDs and region<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For&nbsp;<strong>Organization<\/strong>&nbsp;accounts, In Step 2, enter your&nbsp;<strong>AWS management Account ID<\/strong>&nbsp;and select your&nbsp;<strong>Primary Region<\/strong>. For&nbsp;<strong>Single Accounts<\/strong>, enter only your&nbsp;<strong>AWS Account ID<\/strong>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">5<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Enter OUIDs<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In Step 3, you can onboard a subset of your Organization Accounts by entering the OUIDs in a comma-separated list. Leave the field blank to onboard your entire Organization.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">6<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Generate Terraform file<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In Step 4, click the&nbsp;<strong>Next<\/strong>&nbsp;button to generate a&nbsp;<code>main.tf<\/code>&nbsp;file to use with Terraform. Copy its contents and paste them into a new file, or download the file to an empty folder on your workstation, such as&nbsp;<code>\/home\/user\/sysdig_onboarding<\/code>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">7<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Execute Terraform<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>On your&nbsp;<strong>workstation<\/strong>, navigate using the CLI to the folder containing your main.tf file and execute the following commands:<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>$ cd \/home\/user\/sysdig_onboarding   # Your main.tf file location\n$ terraform init &amp;&amp; terraform apply\n<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">8<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#\"><\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Complete Onboarding<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>When Terraform completes, click the&nbsp;<strong>Complete Onboarding<\/strong>&nbsp;button in the Sysdig Secure dashboard. Your newly added account will appear in the&nbsp;<strong>Cloud Accounts<\/strong>&nbsp;page.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"4-connect-with-cloudformation\"><span class=\"ez-toc-section\" id=\"%e2%80%8b4_connect_with_cloudformation-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#4-connect-with-cloudformation\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#4-connect-with-cloudformation\"><\/a>4. Connect with CloudFormation<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Log in to&nbsp;<strong>Sysdig Secure<\/strong>.<\/li>\n\n\n\n<li>In a separate browser window, log in to your&nbsp;<strong>AWS Account<\/strong>. For Organization installs, be sure to log into your Organization\u2019s Management Account.<\/li>\n\n\n\n<li>For&nbsp;<strong>Organization<\/strong>&nbsp;accounts, in Step 2, enter your&nbsp;<strong>AWS management account ID<\/strong>&nbsp;and your OUID(s). For a&nbsp;<strong>Single Account<\/strong>, enter only your&nbsp;<strong>AWS Account ID<\/strong>.<\/li>\n\n\n\n<li>In Step 3, click the&nbsp;<strong>Launch Stack<\/strong>&nbsp;button. This will shift you to an&nbsp;<strong>AWS console<\/strong>&nbsp;browser window. Follow any prompts in AWS to deploy the required resources, and be sure to check the Acknowledgements in the AWS Capabilities section.<\/li>\n\n\n\n<li>When CloudFormation completes, click the&nbsp;<strong>Complete Onboarding<\/strong>&nbsp;button in the Sysdig dashboard. Your newly added account will appear in the Cloud Accounts page.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"5-check-the-connection\"><span class=\"ez-toc-section\" id=\"%e2%80%8b5_check_the_connection-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#5-check-the-connection\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#5-check-the-connection\"><\/a>5. Check the Connection<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>To validate your AWS connection, navigate to Sysdig Secure\u2019s&nbsp;<strong>Integrations<\/strong>&nbsp;&gt;&nbsp;<strong>Environments<\/strong>&nbsp;&gt;&nbsp;<strong>AWS<\/strong>.<\/li>\n\n\n\n<li>Click the&nbsp;<strong>Added On<\/strong>&nbsp;column heading to show the most recently added account on top.<\/li>\n\n\n\n<li>The&nbsp;<strong>Status<\/strong>&nbsp;column shows the overall connection status:\n<ul class=\"wp-block-list\">\n<li>Connected<\/li>\n\n\n\n<li>Error<\/li>\n\n\n\n<li>Needs Attention<\/li>\n\n\n\n<li>Unknown<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Select the desired AWS account to review the individual services in the detail drawer. There you can view the status of each feature you\u2019ve enabled.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">See an Example of the Health Status for CSPM<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\"><strong><\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong><\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong><\/strong><\/td><td><\/td><\/tr><tr><td><strong><\/strong><\/td><td><\/td><\/tr><tr><td><strong><\/strong><\/td><td><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"further-reading\"><span class=\"ez-toc-section\" id=\"%e2%80%8bfurther_reading-2\"><\/span><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#further-reading\">\u200b<\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#further-reading\"><\/a>Further Reading<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Learn More About Permissions<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"permissions-granted-to-sysdig\"><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#permissions-granted-to-sysdig\"><\/a><a href=\"https:\/\/tonelloandco.mintlify.app\/secure\/onboarding_cloud#permissions-granted-to-sysdig\"><\/a><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/docs.sysdig.com\/en\/sysdig-secure\/connect-aws\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>(Original: https:\/\/docs.sysdig.com\/en\/sysdig-secure\/connect-aws\/)<\/em><\/a><\/p>\n<\/div>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This topic describes how to connect your AWS, Azure, GCP and OCI environments to Sysdig Secure. Click a tab below to select the platform you want to set up. You can connect Single Accounts or entire Organization Accounts using Terraform or CloudFormation.<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-both-sidebar","meta":{"footnotes":""},"class_list":["post-25","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/pages\/25","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/comments?post=25"}],"version-history":[{"count":3,"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/pages\/25\/revisions"}],"predecessor-version":[{"id":30,"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/pages\/25\/revisions\/30"}],"wp:attachment":[{"href":"https:\/\/sysdig.tonelloandco.com\/index.php\/wp-json\/wp\/v2\/media?parent=25"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}