Deep Security has some great out of the box integrations with AWS. Like our cloud connector that automatically manages your current inventory of EC2 instances within Deep Security. But did you know that Trend Micro’s Deep Security has an API that lets you integrate even further with AWS?

This API lets you automate some of the more repetitive tasks like user creation, permissions assignment, and account configuration.

Nobody likes to manually enter the same data over and over again. This post highlights a simple script that will automatically;

  • Create a new AWS IAM user that Deep Security can use
  • Create and assign the required IAM Role to assign the permissions required for Deep Security to see your EC2 instances
  • Configure your AWS account and all regions within Deep Security

This takes a several step process and turns it into a quick, repeatable command line tool. Watch the following video to see it in action;

 

Ok so isn’t that neat and easy? In order to execute you’ll need the following;

  • AWS CLI tools installed and configured with at least rights to create and modify users in IAM (If you don’t have this installed check out the following link: https://aws.amazon.com/cli/)
  • Ability to execute a BASH shell script
  • The script itself (see below)
The script is available in this GitHub gist: Now you can run the script with a command similar to the following: $ create-iam-cloudaccount <managerUsername> <managerUrl:port> Amazon <newAwsUserToCreate> (if needed <tenant ID>)

So If I was to use it on a newly created Deep Security Manager it might look like:

$ create-iam-cloudaccount administrator 10.X.X.X:443 Amazon DeepSecUser

It is really that easy.  This will attach to most Regions currently in AWS (currently Seoul is supported on only some versions of the manager) If you don’t want to sync every region you can remove some of them from line 33 in the script.

Now that you are synced, you can start to take advantage of all the great automated tasks that Deep Security can do that have been highlighted in previous and upcoming blog posts.  As always if you have any questions please reach out at aws@trendmicro.com and continue looking at www.trendmicro.com/aws for new blogs and security tricks in Amazon web Services.

 Post written by AWS Security Ninja: Zack Milem