You can use AWS IAM to securely control access to your AWS resources. To integrate with MVISION Cloud, you'll use IAM role-based authentication to create a role in AWS to trust a MVISION Cloud AWS account. When completing the integration, you'll enter the ARN of each role, providing MVISION Cloud appropriate access to your organization's AWS account(s). Keys are never exchanged as part of this process.
You can learn more about IAM here: https://aws.amazon.com/iam/faqs/
To set up IAM role for MVISION Cloud:
- In an AWS account that contains CloudTrail logs
In order to use the Compliance Policies, grant the ReadOnlyAccess permissions, or minimal required permissions as detailed in Configure MVISION Cloud IAM Roles for AWS.