Create an AWS Security Groups Connector

This task discusses how to configure a connector that sends AWS security groups data to the Security Cloud Control for use in access control policies.

Before you begin

Do all of the following:

Create AWS security groups as discussed in Work with security groups on the AWS documentation site.
Create a user with at least the privileges discussed in Create an AWS User with Minimal Permissions for the Cisco Secure Dynamic Attributes Connector.

Procedure

Step 1

Step 2

Click Tools & Services > Dynamic Attributes Connector > Connectors.

Step 3

Do any of the following:

Add a new connector: click Add icon (), then click the name of the connector.
Edit a connector: click Edit icon ().
Delete a connector: click Delete icon ().

Step 4

Enter the following information.


Value	Description
Name	(Required.) Enter a name to uniquely identify this connector.
Description	Optional description.
Pull Interval	(Default 30 seconds.) Interval at which IP mappings are retrieved from AWS. The minimum value for Pull Interval is 1 second. You can set the maximum to any value you want. We recommend against setting the minimum to a low value because it can generate a lot of traffic, and, when applicable, can result in your being billed for the traffic.
Region	(Required.) Enter your AWS region code.
AWS Access Key	(Required.) Enter your access key.
AWS Secret Key	(Required.) Enter your secret key.

Step 5

Click Test and make sure the test succeeds before you save the connector.

Step 6

Click Save.

Step 7

Make sure Ok is displayed in the Status column.