Add your AWS environment
You can add your AWS environments to Sophos Cloud Optix using AWS Quick-start or one of the full setup methods.
Quick-start gets you up and running easily. You don't have to run scripts or create additional resources in your AWS environment. You get a limited set of features.
Quick-start supports core features, including:
- Security configuration scanning.
- Spend monitoring.
- Sophos server workload agent integration.
Quick-start doesn't support the following advanced features:
- Network traffic information flow displayed on Network Visualization.
- Outbound network traffic anomaly detection and alerts.
- Activity Logs, including identification of high-risk activities.
- User login anomaly detection and alerts.
- Sophos Managed Detection and Response (MDR) integration.
If you want to use advanced features, you need to use one of the full setup methods. You can do this at a later stage for the same account. You don't have to remove the environment first. See AWS Quick-start.
Full setup methods
Full setup methods create resources in AWS to collect VPC flow logs and CloudTrail logs from your environment. You're guided by the Add your AWS environment assistant.
Choose from the following full setup methods:
- Use the Sophos-provided script for Linux and macOS. See Use AWS CloudShell or AWS CLI script.
- Use AWS CloudFormation. See Use CloudFormation.
- Use AWS CloudFormation with AWS Organizations. See Use AWS Organizations.
- Use an AWS organization trail. See Use an organization trail.
- Use the Terraform template provided. See Use Terraform.
To find out which resources Sophos Cloud Optix creates in your AWS environments, see Resources created in AWS environments.
If you're using AWS Organizations to manage multiple AWS accounts centrally, you must use AWS CloudFormation to add your accounts to Sophos Cloud Optix.
After adding your AWS account to Sophos Cloud Optix, you can add Amazon Elastic Kubernetes Service (EKS) clusters. You must add these clusters to Sophos Cloud Optix separately, using the Amazon CLI script provided by Sophos. See Add Amazon EKS clusters.
Before you start
Before you add AWS environments, you must be aware of the following points:
- By adding your AWS environment, you authorize Sophos to access information via APIs and collect log data from your environment. Your cloud provider may charge you for this. Contact them for details. See Cloud provider charges.
- AWS regions that aren't connected to the global AWS infrastructure, including AWS GovCloud (US) and AWS China, aren't supported.
- Sophos Cloud Optix doesn't support AWS's legacy EC2-Classic platform, which was deprecated in 2013. You can add AWS environments that are on the EC2-VPC platform.