Add your AWS environment
You can add your AWS environments to Sophos Cloud Optix using Quick Start or Full Setup.
Before you start
Before you add AWS environments, you must be aware of the following points:
- By adding your AWS environment, you authorize Sophos to access information via APIs and collect log data from your environment. Your cloud provider may charge you for this. Contact them for details. See Cloud provider charges.
- AWS regions that aren't connected to the global AWS infrastructure, including AWS GovCloud (US) and AWS China, aren't supported.
- Sophos Cloud Optix doesn't support AWS's legacy EC2-Classic platform, which was deprecated in 2013. You can add AWS environments that are on the EC2-VPC platform.
Quick Start
Quick Start gets you up and running easily. You don't have to run scripts or create additional resources in your AWS environment. You get a limited set of features.
Quick Start supports core features, including:
- Inventory
- Security configuration scanning
- Spend monitoring
- Sophos server workload agent integration
Quick Start doesn't support the following advanced features:
- Network traffic information flow displayed on Network Visualization
- Outbound network traffic anomaly detection and alerts
- Activity Logs, including identification of high-risk activities
- User login anomaly detection and alerts
- Sophos Managed Detection and Response (MDR) integration
If you want to use advanced features, you need to use one of the full setup methods. You can do this at a later stage for the same account. You don't have to remove the environment first. See Use AWS Quick Start.
Full Setup methods
Full setup methods create resources in AWS to collect VPC flow logs and CloudTrail logs from your environment. The "Add your AWS environment" assistant guides you through the process.
Choose from the following full setup methods:
- Use AWS CloudFormation. See Use AWS CloudFormation.
- Use AWS CloudFormation with AWS Organizations. See Use AWS Organizations.
- Use the Sophos-provided script for Linux and macOS. See Use AWS CloudShell or CLI.
- Use an AWS organization trail. See Use an organization trail.
- Use the Terraform template provided. See Use Terraform.
To find out which resources Sophos Cloud Optix creates in your AWS environments, see Resources created in AWS environments.
If you're using AWS Organizations to manage multiple AWS accounts centrally, you must use AWS CloudFormation to add your accounts to Sophos Cloud Optix.
Note
After adding your AWS account to Sophos Cloud Optix, you can add Amazon Elastic Kubernetes Service (EKS) clusters. You must add these clusters to Sophos Cloud Optix separately, using the Amazon CLI script provided by Sophos. See Add Amazon EKS clusters.