Step1: In Saner, click on “Onboarding”
Step2: Select “AWS Credentials,” as shown in the image below
Step3: To onboard the AWS account, you need the AWS Account ID, AWS Access Key ID, and AWS Secret Access Key, as shown in the image above
Step4: Log in to your AWS account and ensure you are in the correct region, or switch to the required region
AWS Remediation Policy Creation
Step5: Navigate to “IAM” and click on “Policies” under “Access Management,” as shown in the image below
Step6: Click on “Create Policy” and select “JSON,” which opens the “Policy Editor,” as shown in the image below
Step7: Click here to download the policy. Open the JSON file, copy its contents, and paste the policy into the “Policy Editor,” then click “Next.”
Step8: Enter the “Policy Name” as “Saner-CNAPP-Remediation-Policy” and provide the description, as shown in the image below
Step9: Add a new tag if necessary, then click “Create Policy.” Once the policy is successfully created, copy the “Policy Name” for future use.
AWS Saner CNAPP IAM User Creation
Step10: Navigate to “IAM,” click on “Users” under “Access Management,” and then click on “Create User,” as shown in the image below
Step11: Enter the “User Name” (e.g., “Saner-CNAPP-AWS-IAM-User”) and click “Next,” as shown in the image below
Step12: Search for and select the “ReadOnlyAccess” AWS managed policy, as shown in the image below
Step13: Search for and select the remediation policy “Saner-CNAPP-Remediation-Policy” that was created in the previous steps, as shown in the image below, and click “Next.”
Step14: Review the details, as shown in the image below, and click “Create User”
Step15: After the user is successfully created, search for and select the user “Saner-CNAPP-AWS-IAM-User,” as shown in the image below
AWS Access Key Creation
Step16: Verify the details and click on “Create Access Key,” as shown in the image below
Step17: Select “Third-party service,” check the box confirming the creation of the access key, and click “Next,” as shown in the image below
Step18: Click on “Create Access Key” to generate the AWS access key, as shown in the image below
Step19: Once the access key is created, copy the “Access Key” and “Secret Access Key” for future use. Additionally, download the access key details and store them in a safe place, as shown in the image below. After copying the access keys, click “Done” to complete the process.
Make sure to read the “Access Key Best Practices” and follow the instructions.
Step20: Navigate to the created user “Saner-CNAPP-AWS-IAM-User” and verify all the details, as shown in the image below
Step21: Go to the Saner CNAPP Onboarding page, enter the “Cloud Account ID,” “AWS Access Key ID,” and “AWS Secret Access Key.” Verify all the details, and click the “Onboard” button, as shown in the image below
Step22: The AWS Access Keys onboarding is complete. Click on “Scan Settings,” configure the required provisions, and initiate the scan by clicking the “Scan” button in the “Actions” pane, as shown in the image below
