home

Security Service Edge

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Security Service Edge

Manual Onboarding

Onboarding Steps

  1. In the Lookout Management Console, select Administration > App Management and click New.
  2. Select AWS from the prompt.
  3. Enter a Name (required) and a Description (optional) and click Next.
  4. For the application, check Amazon Web Services and click Next.
  5. Select one or more of the following protection models by clicking the toggle for each protection model to include.
    • Cloud Authentication
    • App Access
    • API Access
    • Cloud Security Posture
    • Dynamic DRM
  6. Click Next. Notes
    • To onboard AWS in inline mode, you must choose both App Authentication and App Access.
    • To onboard AWS in API mode, choose API Access.
    • If you choose Dynamic DRM, you must also choose API Access.
    • Cloud Security Posture Management (CSPM) provides tools to monitor resources used in your organization and assess security risk factors against security best practices for AWS cloud applications. To enable use of CSPM, you must choose Cloud Security Posture as a protection model.
  7. If you selected API Access:
    1. Click the AWS Monitoring toggle and enter the following information in the API section of the Configuration page.
      This is the information you had generated in Step 2 of the configuration steps (Create an Identity Access Management (IAM) role for Secure Cloud Access).
      • External ID
      • Role ARN
      • SQS Queue Name and SQS Region (see Step 6 - Create Simple Queue Service [SQS])
    2. In the Authentication section, click the Authorize button and click Next.

      A popup message appears prompting you to confirm that the required policies (according to the selected protection models) are assigned to the role.

      Be sure your browser is configured to allow pop-ups to be displayed.

    3. Click Continue to confirm that the required policies are displayed.

      When the authorization is complete, a green checkmark appears next to the Authorize button, and the button label now reads Re-Authorize.

    4. Click Next to display a summary of the onboarding settings.
    5. Click Save to complete onboarding.

      The new cloud application is displayed as a tile on the App Management page.

  8. If you selected App Authentication and App Access:
    1. In the Tenant Identifier Domain Prefix field on the Configuration tab, enter your AWS account ID(s).
      You can enter more than one, separated by commas.

      To locate your AWS account ID, sign in to AWS and click your username in the top right corner. If you have multiple accounts, you can also find their account ID numbers on the login page where you select the accounts to sign in to.

    2. Click Next.
    3. For User Access, you can click All Users or use the controls to select specific users to allow access to this application.
    4. Click Next to display a summary of the onboarding settings.
    5. Click Save to complete onboarding.
      The new cloud application is displayed as a tile on the App Management page.
Note: When you try to onboard AWS cloud in API mode for quarantine purpose only, the cloud connection status shows “Not able to connect to the Cloud Application” error message. This is an expected behavior, however the quarantine functionality works as expected.

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.