This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
StuartGreen
Employee
Employee
‎2021-02-23 02:03 AM

Onboarding AWS Organizations to CSPM

Onboarding AWS Organizations to CSPM
Current Time 0:00
Duration 0:00
Loaded: 0%
Stream Type LIVE
Remaining Time 0:00
 
1x
    • Chapters
    • descriptions off, selected
    • captions off, selected
      (view in My Videos)

       

      Resources:

      https://github.com/dome9/onboarding-scripts

      4 Replies
      Ken1
      Participant
      ‎2021-08-02 07:22 PM

      Do I have enough permissions for the ReadOnly policy in AWS?
      I'm getting a missing permission error in the WebUI. There is also a difference with the JSON specified for onboarding.

      "Sid": "Dome9ReadOnly",
      "Action": [
      "apigateway:GET",
      "athena:GetQueryExecution",
      "athena:GetWorkGroup",
      "backup:ListBackupVaults",
      "cognito-identity:DescribeIdentityPool",
      "cognito-idp:DescribeUserPool",
      "cognito-idp:DescribeRiskConfiguration",
      "dynamodb:ListTagsOfResource",
      "ec2:SearchTransitGatewayRoutes",
      "elasticfilesystem:Describe*",
      "elasticache:ListTagsForResource",
      "es:ListTags",
      "eks:DescribeNodegroup",
      "eks:ListNodegroups",
      "glue:GetConnections",
      "glue:GetSecurityConfigurations",
      "kafka:ListClusters",
      "kinesis:List*",
      "kinesis:Describe*",
      "kinesisvideo:Describe*",
      "kinesisvideo:List*",
      "logs:Get*",
      "logs:FilterLogEvents",
      "logs:ListLogDeliveries",
      "mq:DescribeBroker",
      "mq:ListBrokers",
      "network-firewall:DescribeFirewall",
      "network-firewall:DescribeLoggingConfiguration",
      "network-firewall:ListFirewalls",
      "personalize:DescribeDatasetGroup",
      "personalize:ListDatasetGroups",
      "s3:List*",
      "secretsmanager:DescribeSecret",
      "sns:ListSubscriptions",
      "sns:ListTagsForResource",
      "sns:GetPlatformApplicationAttributes",
      "sns:ListPlatformApplications",
      "states:DescribeStateMachine",
      "transcribe:Get*",
      "transcribe:List*",
      "translate:GetTerminology",
      "waf-regional:ListResourcesForWebACL",
      "wafv2:ListWebACLs",
      "wafv2:ListResourcesForWebACL",
      "eks:ListFargateProfiles",
      "eks:DescribeFargateProfile"
      ],

      0 Kudos
      Shay_Levin
      Admin
      Admin
      ‎2021-08-12 02:33 AM
      In response to Ken1

      Did you add the SecurityAudit’ (AWS managed policy) to the role ?

      0 Kudos
      Ken1
      Participant
      ‎2021-09-28 05:46 PM
      In response to Shay_Levin

      Sorry, I'm taking about yaml of CloudFormation.

      https://github.com/dome9/onboarding-scripts/tree/master/AWS/cloudformation

      I think ReadOnly policy does not have enough permissions.

      0 Kudos
      Guyshteinberg
      Employee
      Employee
      ‎2021-10-04 11:02 PM
      In response to Ken1

      Hello,

       

      You are correct, on the given repo the readonly policy is outdated.

      I have created a new repo that will always have the most updated readonly policy - https://github.com/dome9/policies

      We are changing the concept of onboarding so there will be many improvements in the near months.

       

      Thanks,

      Guy Shteinberg

      UPCOMING CLOUDMATES EVENTS
        Sort by:
        All CloudMates Events
        Top