Scan your VPCs and virtual machines hosted on Amazon Web Services (AWS) with Lansweeper Sites (in the cloud). An asset is created for each VPC that has instances connected to it and for each instance as well. Any EC2-VPC environment can be scanned.
To scan an AWS cloud environment, the following requirements must be met:
Your Lansweeper Sites license must support AWS scanning.
Your VPCs and instances must be located in one of the following regions: Africa (Cape Town), Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), AWS GovCloud (US-East), AWS GovCloud (US-West), Canada (Central), China (Beijing), China (Ningxia), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Milan), Europe (Paris), Europe (Stockholm), Middle East (Bahrain), South America (São Paulo), US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon).
Your Lansweeper Sites scanning server must have access to the internet.
Your Lansweeper Sites scanning server must be able to connect to https://*.amazonaws.com.
Generate an access key
Log in to your AWS account.
Navigate to Identity and Access Management (IAM).
Go to Policies>Create policy.
Select the EC2 service. Under Access level, select the List checkbox, then select Review policy.
Enter a name and description for your policy, then select Create policy.
Select Users>Add user.
Enter a user name. Next to Access type select Programmatic access, then select Next: Permissions.
Select the Attach existing policies directly option, select the policy you previously created, then select Next: Tags.
Optionally, tag your user then select Next: Review.
Confirm your submitted settings are correct, then select Create user.
Select Show to display your secret access key. Copy the Access key ID and Secret access key. You’ll use these keys to create an AWS scanning credential.
Create an AWS scanning credential
In your Lansweeper Site, go to Scanning > Credential vault.
Default credential > Add default credential. Default credentials are automatically linked to all scanning targets on the same installation, so you won’t need to map your targets individually.
My credentials > Add default credential. These credentials must be manually linked to each individual scanning target.
Select AWS > Add credential.
Enter a name to identify the credential.
Enter your copied Access key and Secret key.
Select Save and exit.
Create a scanning target for your AWS region
In your Lansweeper Site, go to Scanning > Targets > Add scanning target.
From the dropdown, select the scan server in which to configure the scan target.
Select AWS Region from the list, then Add target.
One of more of the options below, then select a region from the list.
Select a scanning schedule, and optionally add a description.
Under Available credentials, select the credentials you want to map to the target.
Select Save and exit.
To view your new target, go to Scanning > All targets.
Was this post helpful? Select Yes or No below! Did you have a similar issue and a different solution? Or did you not find the information you needed? Create a post in our Community Forum for your fellow IT Heroes! More questions? Browse our Quick Tech Solutions.