Legacy: AWS Quick-start

These instructions tell you how to use the AWS Quick-start option to connect your AWS accounts to Sophos Cloud Optix easily.

Warning You must only use this help section if you opened your Sophos Cloud Optix account before November 17th 2020. If you opened your account after that date, you must use the instructions under Add your AWS environments.

Using a simple CloudFormation template, Quick-start creates a read-only IAM role in your AWS account. Sophos Cloud Optix uses this role to access information via APIs to monitor security.

Quick-start gets you up and running with core features, including inventory and security configuration benchmark scanning. The following advanced features are not supported by the Quick-start setup option:

  • Network traffic information flow displayed on Network Visualization.
  • Searching for outbound network traffic information.
  • Outbound network traffic anomaly detection and alerts.
  • Activity Logs, including Activity Log visualizations and identification of high risk activities.
  • User login anomaly detection and alerts.

To use these features, use one of the full setup options.

If you use Quick-start you can use a full setup option later without removing the environment you already created.

To use Quick-start, do as follows:

  1. Sign in to your AWS console with the account you want to add to Sophos Cloud Optix
  2. Sign in to Sophos Cloud Optix.
  3. In Sophos Cloud Optix, under Settings click Environments.
  4. Click Add new environment and select AWS from the list.
  5. Click the Add an AWS account using CloudFormation (Quick-start) setup option.
  6. Read the information and click Launch Stack.
    This opens Quick create stack in your AWS console and automatically populates it with the parameters required to connect your environment to Sophos Cloud Optix. Don't change any of these parameters.
  7. In your AWS console, turn on I acknowledge that AWS CloudFormation might create IAM resources with custom names.
  8. In your AWS console, Click Create Stack.
    This creates an IAM role (Avid-Role) in your AWS account and connects your AWS account to Sophos Cloud Optix.
Note After adding your AWS account to Cloud Optix, you can add Amazon Elastic Kubernetes Service (EKS) clusters. You must add these clusters to Sophos Cloud Optix separately, using the Amazon CLI script provided by Sophos. See Add your Amazon EKS clusters.