Onboarding
  • 16 Nov 2022

To scan a cloud account and find its vulnerabilities, the account has to be added to a Cloud Sentry. A Cloud Sentry gets access to the account to be analyzed through a credential that has the right permissions for that account.

  1. In the Sentries page, click Create Sentry.
  2. In the Sentry Creation Wizard, add a name for the new Sentry, select the Cloud Sentry radio button, and then select the appropriate cloud provider for the account to be configured.
  3. Each provider has its own set of instructions for generating the credential. All of them are listed below.
    1. Azure
      1. For step-by-step instructions, see: Azure Detailed Steps for User Credential Generation
      2. App Registration
        1. In Azure Active Directory, create a single-tenant App registration with a secret (https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal).
      3. Add Permissions
        1. In the API Permission option, grant the permissions Directory Read All and Application Read All. Once added, click Grant Admin consent for Default Directory.
      4. Management Groups
        1. In the Tenant Root Group, under the Access Control option, add a Role Assignment with the Contributor role for the registered app. (Alternatively, add it to the specific Mgmt groups intended to be analyzed.)
      5. Create App Registration Secret
        1. Go to Active Directory -> App Registration and select the newly created App Registration. In the left-side menu, select Certificates and Secrets, create a new Secret, and save its value for the Red Sentry Cloud configuration.
        2. From the Overview of the App Registration, get the Client Id and the Tenant Id and save them for the Red Sentry Cloud configuration.
      6. Add key to platform
        1. Collect the following information and paste it into the corresponding input boxes below: Tenant Id, App Registration Client Id, App Registration Client Secret value.
    2. AWS
      1. For step-by-step instructions, see: AWS Detailed Steps for User Credential Generation
      2. Create Service Account
        1. Create an AWS user (https://console.aws.amazon.com/iam/home#/users). Make sure to set the access type to programmatic access.
      3. Add Permissions
        1. Create a new group and add the ReadOnlyAccess and SecurityAudit permissions. Next, add the created service account to this group.
      4. Create Service Account Key
        1. If credentials were not created automatically in the previous step, click on the created user within IAM. Go to "Security Credentials", then click "create access key".
      5. Add key to platform
        1. Copy the contents of Access Key and Secret Access Key into the corresponding input boxes in the form.
    3. GCP
      1. For step by step, please review: GCP For step by step, please review:
      2. Create Service Account
        1. In the GCP Console, go to IAM and create a new Service Account (https://console.cloud.google.com/iam-admin/serviceaccounts) with the following permissions: Viewer, Security Reviewer, Service Usage Admin, and StackDriver Accounts Viewer.
      3. Create Key
        1. From the Service Accounts, select the newly created Service Account and select the Keys tab. Then in Add Key, select Create new key with type JSON; the key file is downloaded automatically. Open the downloaded file with a text editor and copy the entire key (all the text in the file, including the curly brackets {}).
      4. Add key to platform
        1. Copy the contents of the service account key and paste them into the credentials input area.
  4. Next, configure the frequency of your scans.
    • Manual: if a sentry is configured for manual scanning, you have to press the scan button yourself to initiate a scan.
    • Scheduled: a periodicity can be set so that scans start automatically, for example every 3 days at 15:00, every 3 weeks on Tuesdays at 00:00, and so on.
    • Continuous: scans your environment 24/7, 365 days a year.


  5. The next step is the scheduling of reports. If configured, RedSentry delivers reports automatically based on the chosen schedule, using the same format as the scheduled scans (every 3 days at 15:00, every 3 weeks on Tuesdays at 00:00, and so on). If automatic report delivery is configured, at least one email address per schedule must be provided for the report to be sent to.

  6. The last step is the Review. Here the configuration details of the sentry can be reviewed. If anything needs to be changed, either press the "Previous Step" button to go back one step at a time, or click the desired step in the steps bar at the top.

  7. If everything is OK, clicking "Create Sentry" creates the Sentry and navigates to the Sentry List screen.
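
A pre-flight check for the credential values collected in the Azure, AWS and GCP steps above, catching the usual paste mistakes before they reach the form. This is an added example, not Red Sentry code; the function names are hypothetical, and it assumes canonical GUID formatting for the Azure IDs, the AKIA/ASIA key id prefixes for AWS, and the standard field names of a GCP service account key file.

```python
import json
import re

# Assumptions (not from the page): canonical GUID layout, AWS key id
# prefixes, and the field names found in a GCP service account key file.
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
GCP_FIELDS = ("project_id", "private_key_id", "private_key", "client_email")


def check_azure(tenant_id, client_id, secret_value):
    """Tenant Id and Client Id are GUIDs; the secret Value is not."""
    problems = []
    for name, value in (("Tenant Id", tenant_id), ("Client Id", client_id)):
        if not GUID.match(value.strip()):
            problems.append(f"{name} is not a GUID")
    if not secret_value.strip():
        problems.append("secret value is empty")
    elif GUID.match(secret_value.strip()):
        problems.append("secret looks like the Secret ID, not its Value")
    return problems


def check_aws(access_key_id, secret_access_key):
    """IAM user key ids start with AKIA; ASIA marks temporary STS keys."""
    problems = []
    key_id, secret = access_key_id.strip(), secret_access_key.strip()
    if key_id.startswith("ASIA"):
        problems.append("temporary (STS) key id; use the IAM user's access key")
    elif not re.fullmatch(r"AKIA[A-Z0-9]{12,}", key_id):
        problems.append("Access Key does not look like an IAM user key id")
    if not secret or re.search(r"\s", secret):
        problems.append("Secret Access Key is empty or contains whitespace")
    return problems


def check_gcp(key_text):
    """The pasted text must be the whole JSON key file of a service account."""
    try:
        key = json.loads(key_text)
    except json.JSONDecodeError as exc:
        return [f"not complete JSON (truncated paste?): {exc.msg}"]
    if not isinstance(key, dict) or key.get("type") != "service_account":
        return ["JSON is not a service account key"]
    problems = [f"missing field: {f}" for f in GCP_FIELDS if not key.get(f)]
    if "BEGIN PRIVATE KEY" not in str(key.get("private_key", "")):
        problems.append("private_key is not a PEM private key")
    return problems
```

Each function returns a list of problems; an empty list means the values have the expected shape, not that the credential is valid or correctly scoped.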





