Add an Amazon Web Services Connector

You can use the SDK to add an Amazon Web Services (AWS) connector and synchronize EC2 Instances and WorkSpaces from AWS to Deep Security. For an overview of adding connectors in the Deep Security console, see this article in the Deep Security Help Center.

You can use either of the following ways to add an AWS connector:

  • Use a cross-account role: To add a connector using a cross-account role, you must first retrieve your external ID from Deep Security Manager and configure your AWS account's role.

    1. Retrieve the external ID: The externalId parameter can be retrieved from the AwsConnectorSettingsApi - Python, JavaScript, Java.

    2. Configure the AWS account: On AWS, create a cross-account role for your AWS account that references the Deep Security Manager's instance role. For more details, refer to this guide in the Deep Security Help Center. When you enter the external ID, use the externalId value that you retrieved in the previous step.

    3. Create the AWS connector - Python, JavaScript, Java.

  • Use the manager instance role: When your Deep Security Manager resides in the AWS account that you want to add to Deep Security, you can use the manager instance role option to easily add the account - Python, JavaScript, Java.
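
For step 2 of the cross-account option, the following added example (not code from the Deep Security SDK or Help Center) builds the role's trust policy and audits an existing one, so that only the manager's role can assume it and only with the retrieved externalId. It assumes the standard AWS trust-policy shape with an sts:ExternalId condition; the ARN, the external ID value and the function names are constructed placeholders.

```python
import json

# Constructed placeholder values; substitute your own manager role ARN and externalId.
MANAGER_ROLE_ARN = "arn:aws:iam::111111111111:role/ExampleManagerInstanceRole"
EXTERNAL_ID = "EXAMPLE-EXTERNAL-ID"

def build_trust_policy(manager_role_arn, external_id):
    """Trust policy that lets only the manager role assume the cross-account role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": manager_role_arn},
            "Action": "sts:AssumeRole",
            "Condition": {"StringEquals": {"sts:ExternalId": external_id}},
        }],
    }

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, manager_role_arn, external_id):
    """Return a list of findings; an empty list means the policy is as expected."""
    findings = []
    allows = [s for s in _as_list(policy.get("Statement", []))
              if s.get("Effect") == "Allow"
              and "sts:AssumeRole" in _as_list(s.get("Action", []))]
    if not allows:
        return ["no Allow statement for sts:AssumeRole"]
    for n, stmt in enumerate(allows):
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        if arns != [manager_role_arn]:
            findings.append(f"statement {n}: principal {arns} is not exactly the manager role")
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        ids = {k.lower(): v for k, v in equals.items()}.get("sts:externalid")
        if ids is None:
            findings.append(f"statement {n}: no sts:ExternalId condition")
        elif _as_list(ids) != [external_id]:
            findings.append(f"statement {n}: sts:ExternalId does not match")
    return findings

if __name__ == "__main__":
    policy = build_trust_policy(MANAGER_ROLE_ARN, EXTERNAL_ID)
    print(json.dumps(policy, indent=2))
    print(audit_trust_policy(policy, MANAGER_ROLE_ARN, EXTERNAL_ID))
```

A trust policy that omits the sts:ExternalId condition, or names a wildcard principal, lets other parties that can reach the role assume it, so run the audit against the role's actual trust document before creating the connector.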

Note:

You must have an AWS account to use for connecting to Deep Security.