
INTEGRATING YOUR ASSETS ON CYBERVERGENT 

Amazon Web Services (AWS)

Create a user with the SecurityAudit policy attached.

  1. Log into your AWS account as an admin or with permission to create IAM resources.
  2. Navigate to the IAM console.
  3. Click on Users.
  4. Create a new user (Add user).
  5. Enter the username.
  6. Set the access type to "Programmatic access", click Next.
  7. Select "Attach existing policies directly" and select the SecurityAudit policy.
  8. Click "Create policy" to create a supplemental policy (some permissions are not included in SecurityAudit).
  9. Click the "JSON" tab and paste the permission set shown below this list.
  10. Click "Review policy."
  11. Provide a <name> and click "Create policy."
  12. Return to the "Create user" page and attach the newly created policy. Click "Next: tags."
  13. Set tags as needed and then click on "Create user".
  14. Make sure you safely store the Access key ID and Secret access key.
  15. Paste them into the corresponding input on the Cybervergent Integration Page.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ses:DescribeActiveReceiptRuleSet",
                "athena:GetWorkGroup",
                "logs:DescribeLogGroups",
                "logs:DescribeMetricFilters",
                "elastictranscoder:ListPipelines",
                "elasticfilesystem:DescribeFileSystems",
                "servicequotas:ListServiceQuotas"
            ],
            "Resource": "*"
        }
    ]
}
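Before pasting the supplemental policy, it can be checked that it grants nothing beyond read calls. The following is an added example, not Cybervergent's code: `lint_policy` and the `EDITED_POLICY` counter-example are constructed here, and the check assumes that read-only IAM actions are those named Describe*, Get* or List*.

```python
import json

# Supplemental policy from this page (same actions, compacted).
PAGE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "ses:DescribeActiveReceiptRuleSet", "athena:GetWorkGroup",
            "logs:DescribeLogGroups", "logs:DescribeMetricFilters",
            "elastictranscoder:ListPipelines",
            "elasticfilesystem:DescribeFileSystems",
            "servicequotas:ListServiceQuotas",
        ],
        "Resource": "*",
    }],
})

# Constructed counter-example: a write call and a wildcard slipped in.
EDITED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Resource": "*",
                  "Action": ["ec2:DescribeInstances", "s3:PutObject", "iam:*"]},
})

READ_PREFIXES = ("Describe", "Get", "List")  # assumption: naming marks read calls

def lint_policy(policy_json):
    """Return findings; an empty list means every allowed action is a read call."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):      # IAM accepts a single statement object
        statements = [statements]
    findings = []
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue                      # Deny statements cannot grant access
        if "NotAction" in st:
            findings.append(f"statement {i}: NotAction allows all other actions")
        actions = st.get("Action", [])
        for action in [actions] if isinstance(actions, str) else actions:
            name = action.partition(":")[2]
            if "*" in action or "?" in action:
                findings.append(f"statement {i}: wildcard in {action}")
            elif not name.startswith(READ_PREFIXES):
                findings.append(f"statement {i}: {action} is not a read call")
    return findings

if __name__ == "__main__":
    print(lint_policy(PAGE_POLICY), lint_policy(EDITED_POLICY), sep="\n")
```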

 

 

Microsoft Azure

  1. Log into your Azure Portal and navigate to the Azure Active Directory service.
  2. Select App registrations and then click on New registration.
  3. Enter <name> and/or a descriptive name in the Name field and take note of it; it will be used again in step 3.
  4. Leave the "Supported account types" default: "Accounts in this organizational directory only (YOURDIRECTORYNAME)".
  5. Click on Register.
  6. Copy the Application ID and paste it below.
  7. Copy the Directory ID and paste it below.
  8. Click on Certificates & secrets.
  9. Under Client secrets, click on New client secret.
  10. Enter a Description and select Expires "In 1 year".
  11. Click on Add.
  12. The Client secret value appears only once; make sure you store it safely.
  13. Navigate to Subscriptions.
  14. Click on the relevant Subscription ID, copy and paste the ID below.
  15. Click on "Access Control (IAM)".
  16. Go to the Role assignments tab.
  17. Click on "Add", then "Add role assignment".
  18. In the "Role" drop-down, select "Security Reader".
  19. Leave the "Assign access to" default value.
  20. In the "Select" drop-down, type the name of the app registration you created and select it.
  21. Click "Save".
  22. Repeat the process for the role "Log Analytics Reader".
  23. Paste them into the corresponding input on the Cybervergent Integration Page.


Google Cloud Platform (GCP)

  1. Log into your Google Cloud console and "Activate" your Cloud Shell.
  2. Create a new file called cyv-security-audit-role.yaml. You can use: nano cyv-security-audit-role.yaml.
  3. Copy and paste the following YAML code into the file on your Cloud Shell, press Ctrl + X and type "Y" to save the file. Note: exclude all rows starting with 'resourcemanager' if you do not use an Organization.

 

name: roles/CyvDSPMSecurityAudit
title: CYV DSPM Security Audit
includedPermissions:
  - cloudasset.assets.listResource
  - cloudkms.cryptoKeys.list
  - cloudkms.keyRings.list
  - cloudsql.instances.list
  - cloudsql.users.list
  - compute.autoscalers.list
  - compute.backendServices.list
  - compute.disks.list
  - compute.firewalls.list
  - compute.healthChecks.list
  - compute.instanceGroups.list
  - compute.instances.getIamPolicy
  - compute.instances.list
  - compute.networks.list
  - compute.projects.get
  - compute.securityPolicies.list
  - compute.subnetworks.list
  - compute.targetHttpProxies.list
  - container.clusters.list
  - dns.managedZones.list
  - iam.serviceAccountKeys.list
  - iam.serviceAccounts.list
  - logging.logMetrics.list
  - logging.sinks.list
  - monitoring.alertPolicies.list
  - resourcemanager.folders.get
  - resourcemanager.folders.getIamPolicy
  - resourcemanager.folders.list
  - resourcemanager.hierarchyNodes.listTagBindings
  - resourcemanager.organizations.get
  - resourcemanager.organizations.getIamPolicy
  - resourcemanager.projects.get
  - resourcemanager.projects.getIamPolicy
  - resourcemanager.projects.list
  - resourcemanager.resourceTagBindings.list
  - resourcemanager.tagKeys.get
  - resourcemanager.tagKeys.getIamPolicy
  - resourcemanager.tagKeys.list
  - resourcemanager.tagValues.get
  - resourcemanager.tagValues.getIamPolicy
  - resourcemanager.tagValues.list
  - storage.buckets.getIamPolicy
  - storage.buckets.list
  - deploymentmanager.deployments.list
  - dataproc.clusters.list
  - artifactregistry.repositories.list
  - composer.environments.list
stage: GA

 

 

 

  4. Run the following command to create the role. Use your Organization ID to create the role at the organization level: gcloud iam roles create CyvDSPMSecurityAudit --organization=YOUR_ORGANIZATION_ID --file=cyv-security-audit-role.yaml
    • You can use --project=YOUR_PROJECT_ID instead of --organization=YOUR_ORGANIZATION_ID
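The role-file steps above can be scripted so that the 'resourcemanager' rows are dropped whenever the role is created at project level. This is an added example, not Cybervergent's code: `prepare_role` and `permissions` are hypothetical helpers, the embedded YAML is an abbreviated sample of the role file on this page, and the IDs in the usage lines are constructed.

```python
import re

# Abbreviated copy of the role file on this page (constructed sample: a few of
# its rows, enough to show both kinds of permission).
ROLE_YAML = """\
name: roles/CyvDSPMSecurityAudit
title: CYV DSPM Security Audit
includedPermissions:
  - compute.instances.list
  - iam.serviceAccountKeys.list
  - resourcemanager.folders.list
  - resourcemanager.organizations.getIamPolicy
  - resourcemanager.projects.getIamPolicy
  - storage.buckets.getIamPolicy
stage: GA
"""

def permissions(yaml_text):
    """List the '- permission' rows of the role file."""
    return [l.strip()[2:].strip() for l in yaml_text.splitlines()
            if l.strip().startswith("- ")]

def prepare_role(yaml_text, organization_id=None, project_id=None):
    """Return (role_yaml, gcloud_command) for an org-level or project-level role."""
    if bool(organization_id) == bool(project_id):
        raise ValueError("pass exactly one of organization_id or project_id")
    # Validate the ID before it is placed on a shell command line.
    if organization_id and not re.fullmatch(r"\d+", organization_id):
        raise ValueError("organization IDs are numeric")
    if project_id and not re.fullmatch(r"[a-z][a-z0-9-]{4,28}[a-z0-9]", project_id):
        raise ValueError("not a valid project ID")
    kept = []
    for line in yaml_text.splitlines():
        row = line.strip()
        # Without an Organization, drop every resourcemanager row (note in step 3).
        if (project_id and row.startswith("- ")
                and row[2:].strip().startswith("resourcemanager")):
            continue
        kept.append(line)
    scope = (f"--organization={organization_id}" if organization_id
             else f"--project={project_id}")
    command = ("gcloud iam roles create CyvDSPMSecurityAudit "
               f"{scope} --file=cyv-security-audit-role.yaml")
    return "\n".join(kept) + "\n", command

if __name__ == "__main__":
    role, cmd = prepare_role(ROLE_YAML, project_id="my-audit-project")
    print(role, cmd, sep="\n")
```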

Create Service Account

  1. Log into your Google Cloud console and navigate to IAM Admin > Service Accounts.
  2. Click on "Create Service Account".
  3. Enter <name> in the "Service account name", then enter <description> in the description.
  4. Click on Continue.
  5. Select the role: Custom > CYV DSPM Security Audit.
  6. Click on Continue.
  7. Click on "Create Key".
  8. Leave the default JSON selected.
  9. Click on "Create".
  10. The key will be downloaded to your machine.
  11. Open the JSON key file in a text editor and copy the Project Id, Client Email and Private Key values into the corresponding input on the Cybervergent Integration Page.

 

GitHub 

You need a GitHub personal access token for an organization owner with read-only access. You can read more about the permission model below. Follow these steps:

  1. Log into your GitHub organization account as an owner.
  2. Create a new machine (generic) user (depending on your organization's configuration, you may need to impersonate the user to get access to its settings page). NOTE: You can optionally use an existing organization owner for this token, but we strongly recommend creating a new user.
  3. Ensure the user is added as an owner of the GitHub organization.
  4. Log into GitHub as this user.
  5. Navigate to "Settings" > "Developer Settings" > "Personal Access Tokens"
  6. Click "Generate new token" and give it a description.
  7. Check the following permissions:
  •  repo
    •  repo:status
    •  repo_deployment
    •  public_repo
    •  repo:invite
  •  admin:org
    •  write:org
    •  read:org
  •  admin:public_key
    •  write:public_key
    •  read:public_key
  •  admin:repo_hook
    •  write:repo_hook
    •  read:repo_hook
  •  admin:org_hook
  •  gist
  •  notifications
  •  user
    •  read:user
    •  user:email
    •  user:follow
  •  delete_repo
  •  write:discussion
    •  read:discussion
  •  admin:business
    •  manage_billing:business
    •  read:business
  •  admin:gpg_key
    •  write:gpg_key
    •  read:gpg_key
  8. Save the permissions to obtain a token. Copy this token into the corresponding input on the Cybervergent Integration Page.
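Once the token exists, the scopes it actually carries can be reviewed against the checklist in step 7 and the read-only intent stated above. This is an added example, not Cybervergent's code: it assumes a classic personal access token, for which the GitHub REST API reports the token's scopes in the `X-OAuth-Scopes` response header, and the function names and sample header values are constructed here.

```python
# Scope checklist from step 7 of this page, as parent box -> child boxes.
SCOPE_TREE = {
    "repo": ["repo:status", "repo_deployment", "public_repo", "repo:invite"],
    "admin:org": ["write:org", "read:org"],
    "admin:public_key": ["write:public_key", "read:public_key"],
    "admin:repo_hook": ["write:repo_hook", "read:repo_hook"],
    "admin:org_hook": [],
    "gist": [],
    "notifications": [],
    "user": ["read:user", "user:email", "user:follow"],
    "delete_repo": [],
    "write:discussion": ["read:discussion"],
    "admin:business": ["manage_billing:business", "read:business"],
    "admin:gpg_key": ["write:gpg_key", "read:gpg_key"],
}

def parse_scopes_header(value):
    """Split an X-OAuth-Scopes header value ("repo, user") into a set."""
    return {s.strip() for s in value.split(",") if s.strip()}

def effective_scopes(granted):
    """Drop child scopes that a granted parent scope already covers."""
    parent_of = {c: p for p, kids in SCOPE_TREE.items() for c in kids}
    return {s for s in granted if parent_of.get(s) not in granted}

def review_token_scopes(header_value):
    """Compare a token's scopes with the checklist on this page."""
    granted = parse_scopes_header(header_value)
    effective = effective_scopes(granted)
    return {
        "missing": sorted(set(SCOPE_TREE) - granted),
        "unexpected": sorted(effective - set(SCOPE_TREE)),
        "effective": sorted(effective),
        # Assumption: only scopes named read:* are read-only by name.
        "read_only_by_name": sorted(s for s in effective if s.startswith("read:")),
    }

# Constructed header values (not captured from a real account).
FULL_HEADER = ", ".join(SCOPE_TREE)
NARROW_HEADER = "read:org, repo:status, workflow"

if __name__ == "__main__":
    for header in (FULL_HEADER, NARROW_HEADER):
        print(review_token_scopes(header))
```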