Skip to main content

Netskope Help

Get your AWS GuardDuty Credentials

There are two options for entitling Cloud Exchange to pull IoC information from your GuardDuty service: using an access/secret key, or an AWS session token. AWS recommends the latter when Cloud Exchange is running in an AWS environment.

AWS Access Key ID (Public Key)

  1. Log in to your AWS Console.

  2. Click on the top right corner; you will see a screen similar to that shown below.

    image4.png

  3. Scroll down and you’ll see the “Create access key” button as shown below.

    image5.png

  4. Click Create access key. AWS will automatically create an access key and secret access key to use in Threat Exchange.

    image6.png

  5. Copy the Access and Secret access keys.

    Note

    The Secret access key will only be shown once, so store it in a safe location for later use

AWS Session Token

  1. You can obtain a session token via API or through the SDK. Refer to the links below:

  2. https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sts.html#STS.Client.get_session_token

  3. https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html

Detector ID

  1. Open the AWS GuardDuty console.

  2. Go to Settings.

    image7.png

  3. Copy the Detector ID for later use.

    image8.png
In this section: