Step 1/2: Configure AWS Accounts & Services for CSA
Step 1/2: Configure AWS Accounts & Services for CSA
On the Accounts & Services screen provide your AWS account number, account name, and admin email address. Then enable the services you want to run on the AWS accounts.
- Enter the AWS account number, account name, and admin email address in the text box. You can upload a CSV file with the account information, or enter it individually using the following format:
123456789012,test,andrew@netskope.com 764389765412,develop 345689713654,production,timms@netskope.com
Note
Account name is required to help you easily identify each account in the Netskope tenant. Email address is optional.
For information on how to create a CSV file, see Creating a CSV file.
- In the Services section, select Security Posture.
This feature scans the AWS resources for misconfigurations and measures them against compliance benchmarks and best practices such as, CIS, PCI-DSS, NIST, and Netskope’s recommended best practices.
You can view the compliance status of your resources in the Compliance > Security Posture, IaaS > Overview, and IaaS > Inventory pages.
After providing the account information and selecting the services, proceed to Step 2/2: Configure AWS Permissions for CSA.
Creating a CSV file
An effortless way to add multiple AWS accounts in the setup screen is to create a CSV file with the account numbers, account names, and email addresses.
You can use Microsoft Excel or Google Sheets to create a CSV file. To get the list of AWS account numbers, account names, and email addresses using the AWS CLI, run the following command:
aws --output=text organizations list-accounts | awk -F't' '{printf("%s,%s,%sn",$4,$7,$3)}'
The output of this command can then be copied to a spreadsheet in Microsoft Excel or Google Sheets and saved as a comma separated CSV, as shown in the screenshot.
This CSV file can then be uploaded to the setup screen.