Skip to content

Use AWS CloudShell or CLI

You can add your AWS environment using a script that Sophos Cloud Optix creates for you.

You can run the script with AWS CloudShell or download, install, and configure AWS CLI.

If you want to run the script with limited permissions, see Permissions for Sophos scripts. If not, you must use an IAM Administrator role to run the script.

If you use AWS CLI, you must use version 2.0.33 or later and install it on the computer where you run the script. For more information, see Set up AWS CLI for scripts.

Warning

The AWS CLI script instructions are only valid for a Linux or Mac AWS CLI. The scripts don't work with Windows.

Use standard setup

To create your script using a standard setup, do as follows:

  1. Sign in to your Sophos Cloud Optix.
  2. Click Add Environments then click AWS.
  3. Click Choose a full setup option.
  4. Click AWS CloudShell or CLI (Linux and Mac only), or the relevant Go button.
  5. Select Use standard setup and click Continue.

  6. Follow the on-screen instructions to add your AWS account to Sophos Cloud Optix.

    The assistant creates your script and other commands. After the script finishes, you'll see the message: All steps done!.

  7. If there are no errors, click Finish.

Your environment shows in the Sophos Cloud Optix dashboard.

Customize your setup

  1. Sign in to your Sophos Cloud Optix.
  2. Click Add Environments then click AWS.
  3. Click Choose a full setup option.
  4. Click AWS CloudShell or CLI (Linux and Mac only), or the relevant Go button.
  5. Select Customize your setup and click Continue.

  6. Answer the questions as you go through the assistant. The assistant uses your answers to set variables in the script it creates.

    For more details on these variables, see AWS CLI script variables.

  7. Follow the on-screen instructions to add your AWS account to Sophos Cloud Optix.

    The assistant creates your script and other commands. After the script finishes, you'll see the message: All steps done!.

  8. If there are no errors, click Finish.

Your environment shows in the Sophos Cloud Optix dashboard.

Adding EKS clusters

After adding your AWS account to Sophos Cloud Optix, you can add Amazon Elastic Kubernetes Service (EKS) clusters.

You must add these clusters to Sophos Cloud Optix separately using the Amazon CLI script provided by Sophos. See Add Amazon EKS clusters.