Add AWS environments using AWS CloudShell or AWS CLI

You can add your AWS environment using a script that Sophos Cloud Optix creates for you.

You can run the script with AWS CloudShell, or you can download, install and configure AWS CLI.

If you want to run the script with limited permissions, see Permissions needed to run Sophos scripts. If not, you must use an IAM Administrator role to run the script.

If you use AWS CLI you must use version 2.0.33 or later, and you must install it on the computer where you'll run the script. For more information see Set up AWS CLI to run scripts.

Note The instructions for using the AWS CLI script are only valid for a Linux or macOS AWS CLI. The scripts don't work with Windows.

To create your script, do as follows:

  1. Go to SETTINGS > Add Environments > AWS.
  2. Click Choose a full setup option.
  3. Click AWS CloudShell or AWS CLI (Linux and Mac only), or the relevant Go button.
  4. Select Use standard setup or Customize your setup and click Continue.

    If you are unsure, you can switch back and forth in the assistant to see the differences.

  5. Answer the questions as you go through the assistant. The assistant uses your answers to set variables in the script it creates.

    For more details of these variables, see AWS CLI script variables.

  6. The assistant creates your script and other commands. Download these commands and run them with AWS CloudShell, or with AWS CLI on your Mac or Linux computer.

After the script finishes, you see the message All steps done!. If there are no errors, your environment shows in the Sophos Cloud Optix dashboard.

Note After adding your AWS account to Sophos Cloud Optix, you can add Amazon Elastic Kubernetes Service (EKS) clusters. You must add these clusters to Sophos Cloud Optix separately, using the Amazon CLI script provided by Sophos. See Add your Amazon EKS clusters.