sevco.io

AWS

Overview

Amazon Web Services (AWS) is an on-demand cloud computing platforms that provides various services related to networking, compute, storage, middleware, IOT and other processing capacity.

Available Integrations

The following AWS services can be integrated with the Sevco platform:

ServiceSupported Asset Type(s)Integration Type
EC2DevicesSource
IAMUsersSource
Identity CenterUsersSource
S3Devices, UsersInventory Sync

⚠️

Please review the configuration instructions in the section below before setting up permissions for apps.

Configuration

  1. Choose an Access Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with a source. The following are the available schemas

    • API ID / API Secret Key: Will retrieve AWS objects using a generated access key ID and secret access key
    • AssumeRole: Will retrieve AWS objects by allowing Sevco to assume the specified role
  2. Configure the Access Schema:

API ID / API Secret Key Schema

FieldDescriptionExample
API ID*AWS Access Key IDABCDEFGHIJKLMNOPQRST
API Secret Key*AWS Access Secret**************************************

AssumeRole

FieldDescriptionExample
ARN*The Amazon Resource Name (ARN) of the AWS Role to assumearn:aws:iam::888218222122:role/SevcoAWSIAMSourceRole
Organization DiscoveryEnables AWS account discovery. See Creating Credentials – AWS Organization Discovery for more information.n/a
  1. Add new integration Select which integration(s) you wish to add. See links for details on additional configuration required.

  2. Configure General Information: OPTIONAL: You can set the following fields to give platform configuration

FieldDescriptionExample
Name (optional)Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organizationDMZ network
Contact Person (optional)A placeholder to input a name or email address of a contact associated with the integration.Jane Doe
Link to Console (optional)A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration.www.product.com/devices
Email me about frequent errorsSelect this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period.n/a
  1. Activate Config: To enable this configuration "Activate."

External Documentation

Creating credentials

Access Key ID/Secret Access Key Schemas

You'll be asked to provide source credentials that Sevco will use to connect to AWS. The following link will step you through creating your AWS keys.
https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys

Assume Role Schemas

The IAM trust policy for your assumable role will vary based on your chosen integration. See integration-specific documentation for details:

Required permissions

See integration-specific documentation for details

Integration

Effect

Action

Collect devices from EC2

Allow

ec2:DescribeInstances

ec2:DescribeRegions

ec2:DescribeAddresses

ec2:DescribeNetworkInterfaces

Collect users from IAM

Allow

iam:GetUser

iam:ListUsers

Collect users from Identity Center

Allow

identitystore:ListGroupMemberships

identitystore:ListGroups

identitystore:ListUsers

Sync Inventory to S3

Allow

s3:PutObject

s3:AbortMultipartUpload

API Documentation

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits located in the upper right hand corner of the documentation.