Legacy: Add remediation (Guardrails)

You can enable remediation features for AWS environments.

Warning You must only use this help section if you opened your Sophos Cloud Optix account before November 17th 2020. If you opened your account after that date, you must use the instructions under Add your AWS environments.

By default, Sophos Cloud Optix needs only read-only access to your AWS environment.

If you want to enable the optional remediation features (Guardrails), you need to set up additional roles:

  1. Go to Settings > Environments.
  2. Select an AWS environment and click Edit (the pen icon on the far right).
  3. Follow the instructions provided and generate the Remediate Role ARN and Remediate External Id.

In Sophos Cloud Optix click Remediation to set up automatic or manual remediation.