AWS ExpertGet Help Setting Up AWSExpert

In order to conduct a review of your AWS Account you’ll first have to set up credentials to use with AWSExpert.  Don’t worry, the process is quick and straightforward. If you’re not the AWS administrator, you’ll likely need this person to setup access for you and you can send them these instructions.  At a high level this is what needs to take place.

  1. Have an IAM user created in your target AWS Account.
  2. Configure IAM credentials within AWSExpert.
  3. Run AWS Expert

Step 1 -Create an IAM User for AWSExpert

  • Login to your target AWS Account and within the IAM console, click add a user.
  • Choose a username, the name can be anything you’d like, go to the next screen.
  • Add a group that will contain the user you create. The name of the group can be anything you’d like.
  • Assign the group the AWS Managed Policy “SecurityAudit”.  This is a read only account specifically created and maintained by AWS for exactly this situation — someone who needs to review settings but can not make changes to anything.  Read more about the security audit policy here. Go to the next screen.
  • Setup a tag (this is optional) A tag can be setup to provide a more detailed description of the purpose of the group.  It is recommended to provide a detailed description.  
  • The next screen will be a summary page, review and go to the next page.
  • The final page will indicate that the user and group was setup successfully and you will have the ability to download the access credentials need within AWSExpert.  You’ll need the Access Key ID and Secret Access key (password) to gain access.

Want to see the screens for each part of the setup?

Add user screen

Next

Selecting a group

Next,

Create a group

Next,

Add User to Group

Next,

Add Tags

Next,

Review Screen

Next,

Screen to download credentials

Step 2 – Configure Credentials within AWSExpert

When AWSExpert is launched for the first time, you’ll need to configure it with credentials to be able to conduct a review.  You’ll only have to do this once. AWSExpert will remember your credentials after the first setup.

  • Launch AWSExpert and click on “Setup Access”
  • Input the Access Key & Secret Key for the user that will be used in AWSExpert.
  • Select a default AWS Region.  For US based customers US-EAST-1 is a good choice.  Ultimately it doesn’t matter as AWSExpert will review all of the regions that you tell it to.
  • Select a profile name.  This can be anything you like, AWSExpert would be a good choice.
  • Click Verify, if you didn’t enter everything correctly “connection error” will be displayed.  Otherwise “connection successful” will be displayed.
  • Click on Save Profile.

Step 3 – Run AWSExpert

Once you have configured credentials, they will be displayed on the main page.  You are ready to run a report of your environment. Simply click “Run Report”, choose where you want the report to be saved and wait a few minutes.  You’ll have an HTML report with valuable information on the security and setup of your AWS account!