Base Account Configuration in AWS Console

If you plan to use base account for your connectors, there are certain pre-requisites and settings that need to be configured on AWS console. The detailed steps and configuration required in AWS console for setting up base account is listed below.

Create IAM User and associate policy in AWS

(1) On the AWS console, navigate to AWS > Policies and create a policy (for example, AssumeRole) that contains the following JSON content.

(2) Create IAM User. Navigate to Identity and Access Management > Users and then click Add user.

(3) Provide a user name and enable Programmatic access for the user. Click Next: Permissions.

(4) Select Attach existing policies directly and then type the name of the policy that you created (AssumeRole) in Filter policies. Select the policy (AssumeRole) you configured and then click Next: Tags.

Add tags if needed (as this is optional). Review the user settings you configured and then click Create user.

Create Base Account in Qualys

(1) Go to Configuration > Amazon Web Services and then click Configure Base Account.

(2) Click Create and provide title, AWS account ID, access and secret keys.

(3) Select the account type. You can create only one base account per account type.

Ensure that the AWS account ID for which you configure that base account has policies associated in the AWS console. Learn more

(4) Select the Use in AssetView option to enable that AWS connectors (using configured base account) to be available in the AssetView App as well. This will save you from creating a separate connector in AssetView. Once enabled in CloudView, disabling this option later will not remove the corresponding connector from AssetView. You need to explicitly remove the connector from the AssetView app.