Onboard AWS accounts to Log.ic

This topic explains how to onboard AWS accounts to use CloudGuard Logic.

Your account must already be onboarded to CloudGuard Dome9. If your account is not yet onboarded, follow these steps.

Log.ic uses VPC Flow Logs and CloudTrail logs from your AWS account. These must be connected to an AWS CloudWatch Log Group (without subscription filters).

In the onboarding steps below, you will add an IAM policy to your AWS account that grants CloudGuard permission to create subscription filters. These are used to receive VPC Flow logs and CloudTrail logs. These steps should be repeated for each account that is onboarded to Log.ic. Once permissions have been granted for an account, they are sufficient for all VPCs and CloudTrail logs in that account.

The onboarding process has steps performed on the AWS console, and others performed on CloudGuard, to onboard information from the selected AWS accounts to Log.ic.

See also

Onboard an AWS Account

Log.ic Overview