HERE'S WHY
Connecting Amazon Web Services (aka "AWS") to Drata allows for the automated, continuous monitoring and evidence collection of the dozens of infrastructure security controls required for compliance.
BEFORE DIVING IN
Make sure you have Admin access to your company's AWS account so that you can create new roles.
HERE'S HOW
Follow these instructions to connect AWS to Drata:
1. Select "Connections" on the side navigation menu.
2. Select the "Available connections" tab, search for "AWS", and then select the connect button for the AWS integration.
3. Follow the instructions in the slide-out panel carefully. Take your time and complete one step entirely before moving on to the next. For more information, go to AWS Connection Details.
Tips:
Use the copy button to quickly copy the long, important strings of characters.
Enter the ARN for the role you just created ("DrataAutopilotRole") from AWS into the Role ARN field in the connection drawer.
Monitoring tests covered
Test 4: SSL/TLS on Admin Page of Infrastructure Console
Test 30: Availability Zones Used
Test 68: Customer Data is Encrypted at Rest
Test 69: Customer Data in Cloud Storage is Encrypted at Rest
Test 88: MFA on Infrastructure Console
Test 95: MFA on Infrastructure Console
Test 98: Employees have Unique Infrastructure Accounts
Test 102: Public SSH Denied
Test 104: Cloud Data Storage Exposure
Test 105: AWS Guard Duty
Test 107: Daily Database Backups
Test 108: Daily Database Backups
Test 112: Database CPU Monitored
Test 113: Database Free Storage Space Monitored
Test 114: Database Read I/O Monitored
Test 115: Messaging Queue Message Age Monitored
Test 117: NoSQL Cluster Storage Utilization Monitored
Test 118: NoSQL Cluster Storage Utilization Monitored
Test 119: Firewall Default Disallows Traffic
Test 122: Web Application Firewall in Place
Test 124: Root Infrastructure Account Unused
Test 130: Load Balancer Used