Barracuda Cloud Security Guardian must be able to communicate with your Cloud Service account. Perform the following steps to enable communication.
Continuing from Step 1: Creating a Cloud Security Guardian Account - AWS, click Get Started with AWS.
If you are not already at this screen, follow these steps to get there:
- In Barracuda Cloud Security Guardian, navigate to Settings > Cloud Service Providers.
- Click Add Account to open the Barracuda Cloud Security Guardian onboarding wizard.
- Click Launch Stack to open your AWS console in a new browser tab and launch a new stack. If you choose, you can download the Cloud Formation Template to help you launch the stack.
- In AWS, create the stack. For the Template, select Specify an Amazon S3 template URL. This field should already include the Barracuda Cloud Security Guardian template. Click Next.
- Name the stack and CrossAccountRoleName and click Next.
- On the Options page, accept the default entries and click Next.
- On the Review page, acknowledge that you are creating an IAM role. Then click Create.
The system will work for a moment to create the stack.
- When the creation is complete, click the stack.
Under Outputs, locate the RoleARN. Copy the value of the key RoleARN.
- Back in the Barracuda Cloud Security Guardian onboarding wizard, paste the name of the RoleARN you just created.
- In AWS, locate the ExternalID. Copy the value and paste it into the ExternalID field in the Barracuda Cloud Security Guardian.
- Click Add. The system verifies the connection.
- When the account connection is verified, click Close to close the wizard.
Deploying the stack takes about 10 minutes.
The setup wizard continues to enabling Security & Compliance. To perform this setup, continue to Step 3: Enabling Security and Compliance.