Before Aqua CSPM can produce any security scan results, you must connect an Amazon Web Services account (Aqua also supports Azure, GCP, and Oracle Cloud accounts).

This done through the use of a secure, third-party cross-account IAM role. To fully connect the account, you must complete steps in both your AWS account, as well as in your Aqua CSPM account.

Using the Connection Wizard

  1. Navigate to the "Connect New Account" Wizard page: https://cloud.aquasec.com/
  2. Choose AWS account and CloudFormation method.
  3. Click the "Launch Stack" button on the left.
  4. Don't close the page/tab or refresh.
  5. Wait for the stack to finish creating in your AWS account.
  6. When it's done, copy the role ARN from the outputs tab and paste it back on the wizard page.
  7. Click "Connect" to finish.