Skip to content

Getting Started

Thank you for using SecureCloudDB. To set up your service, you will need to have access to your Amazon Web Services account with permission to create a role.

Step 1 – Create an Organization

Log on to your SecureCloudDB account, and from the top left, select Manage Organizations:

Once you are on the Organizations page, choose Create Organization from the right of the screen.

This series of tabs will ask for:

  • The name of the organization

  • Members of the organization – by default, you are the Admin user for the newly created organization. If there are other users for this account, you can add them with Admin, User, or Read Only User permission levels. If you don’t need to add additional users right now, just click Continue.

  • Confirmation – review the Organization Summary information, and if it is correct, choose Create.

To learn more about how to use organizations, see Organizations.

Step 2 – Setup Asset Discovery

Next, you will set up access to your databases. From your Home screen, click on Create Asset Discovery.

This series of tabs will help you give the system enough access to your AWS account to be able to evaluate your databases:

  • Name – create a name for this set of assets, using only letters, numbers, and dash characters. The Description field may contain any characters.

  • Account Setup Options – to start with, you can set up one account. You can add more accounts later, see (link to account overview – TBD).

  • AWS Configuration –

    • Account Id – enter the AWS account ID here.

    • Regions to scan – if you would like to include only some regions, edit your preferences in the drop-down list.

    • Services – The services which are used are shown here. Currently, only AWS RDS and AWS IAM are supported in this release.

    • Authentication – choose Create New Authentication.

    • Choose Assume Role, and then click on the link Set up an AWS IAM Role here.

When you click on the link to set up an AWS IAM role, it will send you to your AWS Cloud Formation page to create a stack using a template provided by SecureCloudDB. Both RDS Data API Access and RDS IAM Authentication Access are required.

At the bottom of this page, select the acknowledgement checkbox, and choose Create Stack:

This process may take a minute or more to complete. Once it has completed, click on the Outputs tab for the newly created stack, copy the value of the SecureCloudDbRoleArn key, and return to the Asset Discovery Configuration page, then paste the copied string into the Assume Role entry.

Tag Mappings – if you would like to enable optional Owner or Business Impact tags, you may create them here. For more information about Owner and Business Impact tags, see Owner and Business Impact Tags.

Schedule – Select how often you’d like your databases to be evaluated against the policy set, and click continue.

Summary – review your configuration, and click continue.

Return to your Home screen, and databases should become visible within 5 to 10 minutes. Please refresh your screen to see if there have been updates. If setup was successful, the Asset Discoveries portion will be green:

If setup was not successful, contact