An AWS profile is a feature that allows Sophos UTM to communicate to different AWS services such as Amazon CloudWatch, Amazon Virtual Private Cloud (VPC), etc. This profile stores your account security credentials in order to retrieve or post information to the different AWS services.
If you are running Sophos UTM on AWS, the AWS profile will be automatically generated using the Elastic Compute Cloud (EC2) instance profile hosting Sophos UTM.
Note – For more information on the EC2 instance profile, see the AWS Documentation.
If you are using Sophos UTM outside of AWS and would like Sophos UTM to interact with different AWS services or you would like to restrict Sophos UTM access down to the daemon level for different AWS services, you will need to configure an AWS profile.
To create an AWS profile, proceed as follows:
On the Profiles page click New Profile.
The Add Profile dialog box opens.
Make the following settings:
Profile name: Enter the name for the AWS profile.
Region: Select the region where your AWS instance is located.
Access key ID: Enter your AWS access key.
Note – For more information on access keys, see the AWS Documentation.
Secret access key: Enter your AWS secret access key.
Output format: If required, change the output format.
Comment (optional): Add a description or other information.
Optionally, make the following advanced settings:
Session token: Enter your session token for temporary access to your AWS instance.
Note – A session token is only required if you use the CLI. For more information on session tokens, see the AWS Documentation.
The profile appears in the list.