...

b. Parameters:

  • CreateNewRole: If a role named 'ACNMDRCrossAccountRole' does not exist and needs to be created, select 'Yes'. Otherwise, select 'No'.

  • ACNMDRAwsAccountARN: Provide the Accenture MDR account ARN used to create the cross-account role. Type the assumable role ARN collected from the Accenture MDR device onboarding team (the Accenture MDR assumable role will be used to create the trust relationship with the customer role).

  • ACNMDRExternalId: External ID provided by Accenture MDR for the account. If it is not provided by Accenture MDR, provide an External ID of your choice, e.g. <Customer account ID>. Make sure the external ID matches the pattern [\w+=,.@:\/-]* as per the AWS documentation: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html

  • LoggingResource

...

9. While your stack is being created, it appears on the Stacks page with the status CREATE_IN_PROGRESS. After some time, the status changes to CREATE_COMPLETE.
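
Once the stack reaches CREATE_COMPLETE, the trust policy on the cross-account role can be checked against the ARN and external ID entered as parameters. The following is an added example, not part of the original page or of the Accenture MDR template; it assumes the trust policy has been exported as JSON and that the external ID is enforced through a StringEquals condition on sts:ExternalId, and the ARN, account ID and external ID in the sample are constructed placeholders.

```python
import re

# Character class quoted on this page; the 2-1224 length range comes from the
# AssumeRole API reference linked above.
EXTERNAL_ID_RE = re.compile(r"[\w+=,.@:\/-]{2,1224}", re.ASCII)

def valid_external_id(value):
    return EXTERNAL_ID_RE.fullmatch(value) is not None

def as_list(x):
    return x if isinstance(x, list) else [x]

def audit_trust_policy(policy, trusted_arn, external_id):
    """Return a list of findings; an empty list means the trust policy looks as agreed."""
    findings = []
    if not valid_external_id(external_id):
        findings.append("external ID does not match the AssumeRole pattern")
    matched = False
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})  # may be a dict or the bare string "*"
        aws = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        if "*" in aws:
            findings.append("wildcard principal can assume the role")
        if trusted_arn not in aws:
            continue
        matched = True
        cond = stmt.get("Condition", {}).get("StringEquals", {}).get("sts:ExternalId")
        if cond is None:
            findings.append("no sts:ExternalId condition (confused-deputy risk)")
        elif as_list(cond) != [external_id]:
            findings.append("sts:ExternalId does not match the agreed value")
    if not matched:
        findings.append("trusted ARN is not a principal in any Allow statement")
    return findings

# Constructed sample: the ARN, account ID and external ID are placeholders.
MDR_ARN = "arn:aws:iam::111122223333:role/ExampleMdrAssumableRole"
SAMPLE = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": MDR_ARN},
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"sts:ExternalId": "444455556666"}},
    }],
}
```

An empty list from audit_trust_policy(SAMPLE, MDR_ARN, "444455556666") means the role trusts only the expected ARN and only with the agreed external ID.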

...

In case of SQS:

{
  "Action": [
    "sqs:GetQueueAttributes",
    "sqs:GetQueueUrl",
    "sqs:ReceiveMessage",
    "sqs:DeleteMessage",
    "sqs:ListQueues"
  ],
  "Effect": "Allow",
  "Resource": "arn:aws:sqs:region:accountID:SQSName"
}

Note: In the case of SQS, make sure you create and attach the SQS policy as well as the S3 policy to the role.

Configure IAM role in MDR SOC AWS account (Account B) to access customer

...

resources (MDR Side Configuration)

  1. Sign in to the AWS Management Console with Account B

  2. Open the IAM console.

  3. From the navigation pane, choose Roles.

  4. Choose Create role.

  5. For Select the type of trusted entity, choose AWS service.

  6. For Choose the service that will use this role, choose EC2.

  7. Choose Next: Permissions.

  8. Choose Next: Tags.

  9. You can add optional tags to the role. Or, you can leave the fields blank, and then choose Next: Review.

  10. For the Role name, enter a name for the role.

  11. Choose Create role.

  12. From the list of roles, choose the role that you just created.

  13. Choose Add inline policy, and then choose the JSON view.

...

23. Go to the LCP UI and configure the appropriate collector using the below sensor configuration

...