Installation onhttps://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/Recent content in Installation onHugoenPrerequisiteshttps://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/prerequisite/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/prerequisite/<ol id="toc"></ol> <script> // JavaScript to generate the table of contents from H2 headings document.addEventListener("DOMContentLoaded", function () { //get all h2 headings within the 'main' element and generate a toc with links to them //excluding h2 heading 'Feedback' if it exists const toc = document.getElementById("toc"); const headings = document.querySelectorAll("main h2"); headings.forEach(heading => { if (heading.textContent === "Feedback") { return; // Skip the 'Feedback' heading } const li = document.createElement("li"); const a = document.createElement("a"); const id = heading.textContent.toLowerCase().replace(/\s+/g, '-'); heading.id = id; // Set the id for the heading a.href = `#${id}`; a.textContent = heading.textContent; li.appendChild(a); toc.appendChild(li); }); }); </script> <p> <h2 id="aws-services">AWS Services</h2> <p>The following table describes the AWS services that may be a part of your Protegrity installation.</p>Pre-Configurationhttps://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/preconfiguration/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/preconfiguration/<ol id="toc"></ol> <script> // JavaScript to generate the table of contents from H2 headings document.addEventListener("DOMContentLoaded", function () { //get all h2 headings within the 'main' element and generate a toc with links to them //excluding h2 heading 'Feedback' if it exists const toc = document.getElementById("toc"); const headings = document.querySelectorAll("main h2"); headings.forEach(heading => { if (heading.textContent === "Feedback") { return; // Skip the 'Feedback' heading } const li = document.createElement("li"); const a = document.createElement("a"); const id = heading.textContent.toLowerCase().replace(/\s+/g, '-'); heading.id = id; // Set the id for the heading a.href = `#${id}`; a.textContent = heading.textContent; li.appendChild(a); toc.appendChild(li); }); }); </script> <p> <h2 id="provide-aws-sub-account">Provide AWS sub-account</h2> <p>Identify or create an AWS account where the Protegrity solution will be installed. It is recommended that a new AWS sub-account be created. This can provide greater security controls and help avoid conflicts with other applications that might impact regional account limits. An individual with the Cloud Administrator role will be required for some subsequent installation steps.</p>Protect Service Installationhttps://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/protector/Mon, 01 Jan 0001 00:00:00 +0000https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/protector/<ol id="toc"></ol> <script> // JavaScript to generate the table of contents from H2 headings document.addEventListener("DOMContentLoaded", function () { //get all h2 headings within the 'main' element and generate a toc with links to them //excluding h2 heading 'Feedback' if it exists const toc = document.getElementById("toc"); const headings = document.querySelectorAll("main h2"); headings.forEach(heading => { if (heading.textContent === "Feedback") { return; // Skip the 'Feedback' heading } const li = document.createElement("li"); const a = document.createElement("a"); const id = heading.textContent.toLowerCase().replace(/\s+/g, '-'); heading.id = id; // Set the id for the heading a.href = `#${id}`; a.textContent = heading.textContent; li.appendChild(a); toc.appendChild(li); }); }); </script> <h2 id="protect-service-installation">Protect Service Installation</h2> <p>The following sections install the Cloud Protect serverless Lambda function.</p><link>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/cheat-sheet/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/cheat-sheet/</guid><description><h2 id="cheat-sheet-recommendation">Cheat Sheet Recommendation</h2> <div class="alert alert-tip" role="alert"> <h4 class="alert-heading">Tip</h4> During the installation you will need output of steps, such as resources names and ids. We recommend copying the following cheat sheet into a notepad and fill in the information as you progress with the installation. </div> <p><strong>AWS Account ID: ___________________</strong></p> <p><strong>AWS Region (AwsRegion): ___________________</strong></p> <p><strong>S3 Bucket name (ArtifactS3Bucket): ___________________</strong></p> <p><strong>KMS Key ARN (AWS_KMS_KEY_ID): ___________________</strong></p> <p><strong>ProtectLambdaPolicyName: __________________</strong></p> <p><strong>Role ARN (LambdaExecutionRoleArn): ___________________</strong></p> <p><strong>ApiGatewayId: ________________________________</strong></p> <p><strong>ProtectFunctionName: __________________________</strong></p> <p><strong>ProtectLayerName: _____________________________</strong></p></description></item><item><title/><link>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/prerequisites/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/prerequisites/</guid><description><h2 id="prerequisites">Prerequisites</h2> <table><thead><tr><th> <p>Requirement</p> </th><th> <p>Detail</p> </th></tr></thead><tbody><tr><td> <p>Protegrity distribution and installation scripts</p> </td><td> <p>These artifacts are provided by Protegrity</p> </td></tr><tr><td> <p>Protegrity ESA 10.0+</p> </td><td> <p>The Cloud VPC must be able to obtain network access to the ESA</p> </td></tr><tr><td> <p>AWS Account</p> </td><td> <p>Recommend creating a new sub-account for Protegrity Serverless</p> </td></tr></tbody> </table></description></item><item><title/><link>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/services/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/services/</guid><description><h2 id="aws-services">AWS Services</h2> <p>The following table describes the AWS services that may be a part of your Protegrity installation.</p> <table><thead><tr><th> <p>Service</p> </th><th> <p>Description</p> </th></tr></thead><tbody><tr><td> <p>Lambda</p> </td><td> <p>Provides serverless compute for Protegrity protection operations and the ESA integration to fetch policy updates or deliver audit logs.</p> </td></tr><tr><td> <p>API Gateway</p> </td><td> <p>Provides the endpoint and access control.</p> </td></tr><tr><td> <p>KMS</p> </td><td> <p>Provides secrets for envelope policy encryption/decryption for Protegrity.</p> </td></tr><tr><td> <p>Secrets Manager</p> </td><td> <p>Provides secrets management for the ESA credentials .</p></description></item><item><title/><link>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/skills/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://docs.protegrity.com/cloud-protect/4.0.0/docs/aws/api/installation/skills/</guid><description><h2 id="required-skills-and-abilities">Required Skills and Abilities</h2> <table><thead><tr><th> <p>Role / Skillset</p> </th><th> <p>Description</p> </th></tr></thead><tbody><tr><td> <p>AWS Account Administrator</p> </td><td> <p>To run CloudFormation (or perform steps manually), create/configure a VPC and IAM permissions.</p> </td></tr><tr><td> <p>Protegrity Administrator</p> </td><td> <p>The ESA credentials required to extract the policy for the Policy Agent</p> </td></tr><tr><td> <p>Network Administrator</p> </td><td> <p>To open firewall to access ESA and evaluate AWS network setup</p> </td></tr></tbody> </table></description></item></channel></rss>