Skip to content

Asset Discovery

Hint

If you have not created an organization yet, please see Creating an Organization first. Additionally, we recommend setting up an AWS Authentication Method before completing the following steps.

The next step in securing your cloud environment is configuring SecureCloudDB to begin discovering your cloud assets.

  1. To get started with asset discovery, select Asset Discovery from the left nav under Setup. Once there, select the blue circle with a plus sign to begin:

  2. Decide a name for your asset discovery configuration, or accept the randomly generated one:

  3. Select your scan type. If you are setting up an AWS specific database service, select AWS Configuration. Otherwise, select Non-AWS. For this guide, we will be doing an AWS configuration.

  4. Next, decide if you are setting up one account or many (this can be changed later). For now, let's do one account at a time.

  5. Enter your Account ID, pick your Regions to Scan, and select the Services you would like to detect. Afterwards, pick your authentication method or create a new one. If you need help creating a new method or have any questions, please visit the AWS Authentication section for more information. We recommend you either assume a role or host an agent and use an Instance Profile.

  6. On the next step, you can choose whether you would like to audit self-managed databases on EC2. If this applies to you, check the box. Otherwise, you can leave it blank.

  7. Select a schedule to run scans and if you are using a self-hosted agent check the box. We recommend not setting the schedule to higher than the default (6 hours). Note that this is the periodic schedule on which your scan will run. You can start a scan at any time manually after creating an asset discovery.

  8. The final step provides a summary of your configurations throughout the creation wizard. Take a second to double check that the inputs show your correct information and when you are ready select Create to finish this asset discovery configuration.

Should everything be configured correctly, your first scan will begin within a matter of minutes!

Next Steps

Once data begins to show on the platform, we recommend setting up the Database Activity Monitoring functionality to identify any potential suspicious behavior.