Skyhigh for AWS

Objective: Create a Skyhigh for AWS Service Instance



Perform the steps below from the Skyhigh Dashboard browser tab you opened in the previous section.

Add an AWS Service Instance

  1. From the configuration gear in the upper right of the Skyhigh Dashboard, select Service Management.
  2. This next step will depend if you already have AWS defined in your student tenant (depending this tenant’s previous lives / workshops).

If you already have Amazon Web Services in the services list on the left hand side of the screen:

  1. Click the first entry under Amazon Web Services
  2. On the Setup tab, click the Enable button in the API box:

Configure Existing AWS Entry Configure Existing AWS Entry

If you do NOT have an Amazon Web Services entry on the services list:

  1. Click the Add Service Instance button.

  2. Select Amazon Web Services icon.

  3. Provide a name to identify this AWS configuration (useful if you have multiple AWS organizations). You can use “AWS” or something else more creative.

  4. After a few moments, you’ll be taken to the Service Management page for the AWS service instance you just added. On the Setup tab, click then Enable button in the API box to begin setup.

  5. On the Setup tab click the Enable button in the API box

  6. On the Features screen, toggle Data Loss Precention (DLP) to on and enable the On-Demand Scan option. Please do not enable any other options at this time as they will change the configuration screens that follow. Click the Next button. Event Engine Event Engine

  7. Acknowledge that you have reviewed the prerequisites for AWS (your AWS account meets them).

  8. When you are presented with the Accounts screen that asks for a Role ARN, note the Skyhigh AWS Account ID and External ID displays as you will use these values to configure AWS in the next step. Account IDs Account IDs

Please keep your Skyhigh tab open while you continue with the lab