Onboard an AWS GovCloud or AWS China Environment

This topic explains how to add an AWS GovCloud or AWS China environment to CloudGuard. This onboarding process adds all regions and Security Groups in the AWS environment to the CloudGuard console and enables you to manage the AWS Security Groups from CloudGuard.

The onboarding process for these environments is similar to that for regular accounts (see Onboard an AWS Environment for details), except that permissions to CloudGuard to access the account are user-based, while for regular accounts they are role-based. An IAM user is created in the AWS GovCloud or China account, which CloudGuard uses to access the account.

You can manage AWS GovCloud or China accounts in CloudGuard as Read-Only or Full-Protection, as for regular AWS accounts.