AWS Credentials: Basic tab - Adaptive Applications - BlueCat Gateway - 23.3.2

Cloud Discovery & Visibility Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
23.3.2

The Credentials section of the AWS Setup tab contains credentials that Cloud Discovery & Visibility uses to access your AWS infrastructure.

Fields in the Basic tab of the Credentials section are as follows:

Field/Option Description
Use EC2 instance credentials

Appears only when CDV is deployed on EC2 instances in AWS environments. Select this checkbox to tell CDV to use the credentials of the user that deployed the CDV instance in AWS for authentication in AWS environments.

Note: Selecting this checkbox hides other fields in this section.

For more details, see To automatically authenticate CDV using the credentials on the EC2 instance below.

Basic AWS parameters

Field/Option Description
AWS Access Key ID The AWS access key ID for your environment.
AWS Secret Access Key

The AWS secret access key that is associated with the specified AWS Access Key ID.

Advanced AWS parameters

Field/Option Description

Enable AWS Multifactor Authentication

AWS MFA Token ARN

Select the Enable AWS Multifactor Authentication checkbox to enable AWS multi-factor authentication.

Also, in AWS MFA Token ARN, enter the AWS multi-factor authentication token Amazon Resource Name (ARN). This token must be in the following format:

arn:aws:iam::<account_number>:mfa/<account_id>
For example:
arn:aws:iam::123456789012:mfa/exampleUser
Enable AWS Role Assumption

AWS Role ARN

Select the Enable AWS Role Assumption checkbox to enable AWS role assumption. This means CDV can use a temporary set of security credentials to access AWS resources to which it normally doesn't have access.

Also, in AWS Role ARN, enter the AWS role assumption ARN. The AWS role ARN must be in the following format:

arn:aws:iam::<account_role_number>:role/<role_name>
For example:
arn:aws:iam::987654321098:role/developerRole

To automatically authenticate CDV using the credentials on the EC2 instance:

  1. Make sure the EC2 instance credentials have the permissions needed by CDV.

  2. In CDV, click AWS in the banner at the top and then click Setup.

  3. Click to expand AWS Credentials (if necessary), then click the Basic tab.

  4. Click to select the Use EC2 instance credentials checkbox.

    When selected, the credentials of the user that deployed the CDV instance in AWS are used for authentication. CDV also hides other credential fields from view.

    Attention:
    • The Use EC2 instance credentials checkbox only appears when CDV is deployed on EC2 instances in AWS environments. For more information on deploying CDV on an AWS EC2 instance, see Installing CDV on AWS EC2 instances.

    • If you have CDV deployed on an EC2 instance in AWS and Use EC2 instance credentials does not appear, make sure that the EC2 instance exists and retrieve the instance metadata. For more information, see Retrieving AWS EC2 instance metadata.

To configure AWS credentials manually:

  1. In Cloud Discovery & Visibility, click AWS in the banner at the top and then click Setup.
  2. Click to expand AWS Credentials (if necessary), then click the Basic tab.
  3. If the Use EC2 instance credentials checkbox is selected, click to clear it.
  4. Under AWS Credentials, enter your AWS credentials:
    • AWS Access Key ID: Enter the AWS access key ID for your environment.
    • AWS Secret Access Key: Enter the AWS secret access key associated to the AWS secret key ID entered.
    • Enable AWS Multifactor Authentication: Select this checkbox to enable AWS multi-factor authentication. Also make sure you enter the AWS MFA Token ARN.
    • Enable AWS Role Assumption: Select this checkbox to enable AWS role assumption. Also make sure you enter the AWS Role ARN.

    For more details on these fields, see the parameter list above.