Prerequisites
- Saner CNAPP account with any of the following admin roles (Main Admin, Organization Admin, or Account Admin) can perform the onboarding
- Saner CNAPP account where the AWS account will be onboarded. In this case, we have used the “AWS Demo” account for illustration.
- An AWS account with admin access, or a user with permissions for CloudFormation stack creation, role creation, and policy management, is required
- Access to AWS IAM (Identity and Access Management)
- Make sure that you provide a unique Roles and Policy Name
Setup
Step1: Login to Saner CNAPP platform
Step2: Click on “Control Panel” and select the account where you need to onboard, for example, the “AWS Demo” account in our case, as shown in the image below.
Available Integration Methods
There are three ways to connect your AWS account with Saner CNAPP, listed in order of recommendation:
- AWS Role CloudFormation (Automatic) – Recommended
- Fastest and most secure method
- Automatically sets up all required permissions
- Minimal manual configuration needed
- AWS Role (Manual)
- Secure method with more control
- Requires manual setup of permissions
- Good for organizations with strict security policies
- AWS Access Keys – Least Recommended
- Uses access key credentials
- Higher security risk
- Requires manual key management
Best Practices
- Regularly review and audit access permissions
- Monitor CloudFormation stack status
- Keep access keys secure and rotate them regularly
- Document any custom configurations
- Regularly verify integration status
