Lookout Product Documentation

Step 1 - Create IAM Role for Lookout Secure Cloud Access

  1. In the AWS console, click Roles and select Create role.
  2. Select Role Type: Another AWS Account.
  3. For Account ID, enter the ID obtained from the Lookout DevOps team.
    This is the account ID for the AWS account in which the tenant Management Server is onboarded.
  4. Under Options, check Require External ID.
  5. Enter the following information:
    • External ID - Enter a unique attribute to be used while onboarding AWS S3 in Secure Cloud Access (for example, aws-security-monitor).
    • Require MFA - Do not check.
  6. Click Next: Permissions.
    Do not attach any policies.
  7. (Optional) Click Next: Tags and enter any tags in the Add Tags page.
  8. Click Next: Review.
  9. Enter a Role Name (for example, AWS-Security-Monitor) and click Create Role.
  10. Search for the role name you created and click it.
  11. Copy the role ARN.
  12. Select Roles > Trust relationships tab > AWS-Security-Monitor summary view.
    Locate the Condition section and copy the ExternalID value.
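
The trust policy these steps produce can be checked before the role ARN and external ID are handed over. The following is an added example, not part of the Lookout documentation: it verifies a role's trust policy document against the expected account and external ID. The account ID 111122223333 and the sample policy are constructed placeholders, and check_trust_policy is a hypothetical helper name.

```python
import json

# Constructed sample: the kind of trust policy the steps above produce.
# 111122223333 is a placeholder account ID, not Lookout's real one.
SAMPLE_TRUST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{
   "Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
   "Action": "sts:AssumeRole",
   "Condition": {"StringEquals": {"sts:ExternalId": "aws-security-monitor"}}
 }]}
""")

def _as_list(value):
    """IAM allows a single value or a list in most positions."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def check_trust_policy(policy, account_id, external_id):
    """Return a list of findings; an empty list means the policy matches."""
    findings = []
    allow = [s for s in _as_list(policy.get("Statement"))
             if s.get("Effect") == "Allow"
             and "sts:AssumeRole" in _as_list(s.get("Action"))]
    if not allow:
        return ["no Allow statement for sts:AssumeRole"]
    for stmt in allow:
        principal = stmt.get("Principal")
        aws = _as_list(principal.get("AWS")) if isinstance(principal, dict) else [principal]
        if not aws:
            findings.append("no AWS account principal")
        for p in aws:
            # Accept the bare account ID or its root ARN; flag anything else.
            if p not in (account_id, f"arn:aws:iam::{account_id}:root"):
                findings.append(f"unexpected principal: {p}")
        # Condition key names are case-insensitive in IAM.
        cond = stmt.get("Condition", {}).get("StringEquals", {})
        values = [v for k, val in cond.items() if k.lower() == "sts:externalid"
                  for v in _as_list(val)]
        if not values:
            findings.append("missing sts:ExternalId condition")
        elif values != [external_id]:
            findings.append(f"external ID mismatch: {values}")
    return findings

if __name__ == "__main__":
    print(check_trust_policy(SAMPLE_TRUST_POLICY, "111122223333", "aws-security-monitor") or "OK")
```

A trust statement without the sts:ExternalId condition lets any principal in the trusted account assume the role, so a "missing" finding should block onboarding until step 4 is redone.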