Adding connections for cloud segment polling
Expand all | Collapse all
To add a connection for cloud segment polling to the list of available connections:
- In the main menu, go to DISCOVERY & DEPLOYMENT → DISCOVERY → CLOUD.
- In the window that opens, click Properties.
- In the Settings window that opens, click Add.
The Cloud segment settings window opens.
- Specify the name of the cloud environment for the connection that will be used for further polling of the cloud segment:
- Cloud environment
Select the cloud environment in which you are deploying Kaspersky Security Center: AWS, Azure, or Google Cloud.
If you plan to work with more than one cloud environment, select one environment and then run the Wizard again.
- Connection name
Enter a name for the connection. The name cannot contain more than 256 characters. Only Unicode characters are permitted.
This name will also be used as the name for the administration group for the cloud devices.
If you plan to work with more than one cloud environment, you might want to include the name of the environment in the connection name, for example, "Azure Segment", "AWS Segment", or "Google Segment".
- Enter your credentials to receive authorization in the cloud environment that you specified.
- If you selected AWS, specify the following settings:
- Use AWS IAM role
- AWS IAM user account credentials
If you specified that you have AWS IAM user account credentials, specify the following:
- Access key ID
The IAM access key ID is a sequence of alphanumeric characters. You received the key ID when you created the IAM user account.
The field is available if you selected an AWS IAM access key for authorization instead of an IAM role.
- Secret key
The secret key that you received with the access key ID when you created the IAM user account.
The characters of the secret key are displayed as asterisks. After you begin entering the secret key, the Show button is displayed. Click and hold this button for the necessary amount of time to view the characters you entered.
The field is available if you selected an AWS IAM access key for authorization instead of an IAM role.
To see the characters that you entered, click and hold the Show button.
- If you selected Azure, specify the following settings:
- Azure Application ID
You created this application ID on the Azure portal.
You can provide only one Azure Application ID for polling and other purposes. If you want to poll another Azure segment, you must first delete the existing Azure connection.
- Azure Subscription ID
You created the subscription on the Azure portal.
- Azure Application password
You received the password of the Application ID when you created the Application ID.
The characters of the password are displayed as asterisks. After you begin entering the password, the Show button becomes available. Click and hold this button to view the characters you entered.
To see the characters that you entered, click and hold the Show button.
- Azure storage account name
- Azure storage access key
You received a password (key) when you created Azure storage account for working with Kaspersky Security Center.
The key is available in section "Overview of the Azure storage account," in subsection "Keys."
To see the characters that you entered, click and hold the Show button.
If you selected Google Cloud, specify the following settings:
- If you want, click Set polling schedule and change the default settings.
The connection is saved in the application settings.
After the new cloud segment is polled for the first time, the subgroup corresponding to that segment appears in the Managed devices\Cloud administration group.
If you specify incorrect credentials, no instances will be found during cloud segment polling and a new subgroup will not appear in the Managed devices\Cloud administration group.
Page top
[Topic 198846]