Connecting AWS to Drata

Making the initial connection to Amazon Web Services

Written by Ashley Hyman
Updated over a week ago

HERE'S WHY

Connecting Amazon Web Services (aka "AWS") to Drata allows for the automated, continuous monitoring and evidence collection of the dozens of infrastructure security controls required for compliance.

BEFORE DIVING IN

Make sure you have Admin access to your company's AWS account to be able to create new roles.

HERE'S HOW

Follow these instructions to connect AWS to Drata:

1. Select "Connections" on the side navigation menu.

2. Select the "Available connections" tab, search for "AWS", and then select the connect button for the AWS integration.

3. Follow the instructions in the slide-out panel carefully. Take your time and complete one step entirely before moving on to the next. For more information, go to AWS Connection Details.

Tips:

  • Use the copy button to quickly copy the long, important strings of characters.

  • Enter the ARN for the role you just created ("DrataAutopilotRole") from AWS into the Role ARN field in the connection drawer.

Monitoring tests covered

  • Test 4: SSL/TLS on Admin Page of Infrastructure Console

  • Test 30: Availability Zones Used

  • Test 68: Customer Data is Encrypted at Rest

  • Test 69: Customer Data in Cloud Storage is Encrypted at Rest

  • Test 88: MFA on Infrastructure Console

  • Test 95: Infrastructure Accounts Properly Removed

  • Test 98: Employees have Unique Infrastructure Accounts

  • Test 102: Public SSH Denied

  • Test 104: Cloud Data Storage Exposure

  • Test 105: AWS Guard Duty

  • Test 107: Daily Database Backups

  • Test 108: Storage Data Versioned or Retained

  • Test 112: Database CPU Monitored

  • Test 113: Database Free Storage Space Monitored

  • Test 114: Database Read I/O Monitored

  • Test 115: Messaging Queue Message Age Monitored

  • Test 117: NoSQL Cluster Storage Utilization Monitored

  • Test 118: Infrastructure Instance CPU Monitored

  • Test 119: Firewall Default Disallows Traffic

  • Test 122: Web Application Firewall in Place

  • Test 124: Root Infrastructure Account Unused

  • Test 130: Load Balancer Used
