Microsoft Defender for Cloud generates a CloudFormation template that includes all of the resources necessary to onboard your Amazon Web Services (AWS) account to Defender for Cloud, including an IAM OpenID Connect (OIDC) identity provider. Defender for Cloud and Microsoft Sentinel use the same authentication mechanism to connect to AWS accounts, and an AWS account can hold only one OIDC identity provider for a given issuer URL. If the AWS account was first connected to Microsoft Sentinel, that identity provider already exists, so the unmodified template can't be deployed and Defender for Cloud can't connect to the account.
This article guides you through the steps to connect your AWS account to Defender for Cloud and ensure it operates correctly.
Prerequisites
To complete the procedures in this article, you need:
A Microsoft Azure subscription. If you don't have an Azure subscription, you can sign up for a free one.
Microsoft Defender for Cloud set up on your Azure subscription.
Access to an AWS account, with permissions to manage IAM identity providers and create CloudFormation stacks.
Contributor level permission for the relevant Azure subscription.
Connect your AWS account to Defender for Cloud
The CloudFormation template provided by Defender for Cloud is needed to grant Defender for Cloud permission to access your AWS account. To resolve the conflict between Defender for Cloud and Microsoft Sentinel, you remove the identity provider resource from the template and instead add its audiences (client IDs) to the identity provider that Microsoft Sentinel already created.
1. Follow the steps in Connect AWS accounts to Microsoft Defender for Cloud until step 5b in the Connect Defender plans section.
2. Select Copy.
3. Paste the template into a local text editor.
4. Search for the `"ASCDefendersOIDCIdentityProvider": {` section of the template, and make a separate copy of the entire `ClientIdList` array.
5. Search for the `ASCDefendersOIDCIdentityProvider` section in the template and delete it. If any other resource in the template still refers to it (through `Ref`, `Fn::GetAtt`, or `DependsOn`), CloudFormation rejects the stack at validation time; point such references at the ARN of the existing identity provider instead.
6. Save the file locally.
7. In a separate browser window, sign in to your AWS account.
8. Navigate to Identity and Access Management (IAM) > Identity providers.
9. Search for and select 33e01921-4d64-4f8c-a055-5bdaffd5e33d.
10. Select Actions > Add audience.
11. Paste the `ClientIdList` entries you copied from the template. Add each client ID as a separate audience.
12. Navigate to the Configure access page in Defender for Cloud.
13. Follow the Create a Stack in AWS instructions, and use the template you saved locally.
14. Select Next.
15. Select Create, and wait for the stack status to reach CREATE_COMPLETE before returning to Defender for Cloud.
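The procedure above can be scripted. The following is an added example (not Microsoft's code or part of the original article) that performs steps 4 and 5 on a saved JSON copy of the template: it extracts the `ClientIdList`, deletes the `ASCDefendersOIDCIdentityProvider` resource, reports anything that still references the deleted resource, and can rewrite those references to the ARN of the identity provider Microsoft Sentinel created. The `apply_audiences` function is the programmatic equivalent of Actions > Add audience and needs boto3 plus AWS credentials. The embedded `SAMPLE_TEMPLATE` is a constructed stand-in with a hypothetical `ExampleRole`; the real template's resource names, audiences and thumbprints are not reproduced here.

```python
"""Prepare the Defender for Cloud CloudFormation template for an AWS account
whose OIDC identity provider Microsoft Sentinel already created: copy the
ClientIdList out of ASCDefendersOIDCIdentityProvider, delete that resource,
flag anything still referencing it, and add the audiences to the existing
provider. Stdlib only; boto3 is needed just for apply_audiences()."""
import json
import sys
from typing import Any

OIDC_RESOURCE = "ASCDefendersOIDCIdentityProvider"  # logical ID named in the article

# Constructed stand-in for the real template (not Microsoft's file): one OIDC
# provider plus a hypothetical role whose trust policy and DependsOn point at it.
SAMPLE_TEMPLATE: dict[str, Any] = {
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        OIDC_RESOURCE: {
            "Type": "AWS::IAM::OIDCProvider",
            "Properties": {
                "Url": "https://sts.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d/",
                "ClientIdList": ["api://example-audience-1", "api://example-audience-2"],
                "ThumbprintList": ["0000000000000000000000000000000000000000"],
            },
        },
        "ExampleRole": {
            "Type": "AWS::IAM::Role",
            "DependsOn": OIDC_RESOURCE,
            "Properties": {"AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [{
                "Effect": "Allow",
                "Principal": {"Federated": {"Ref": OIDC_RESOURCE}},
                "Action": "sts:AssumeRoleWithWebIdentity",
            }]}},
        },
    },
}


def extract_audiences(template: dict[str, Any]) -> list[str]:
    """The ClientIdList of the OIDC provider resource ([] if the resource is absent)."""
    res = template.get("Resources", {}).get(OIDC_RESOURCE, {})
    return list(res.get("Properties", {}).get("ClientIdList", []))


def find_references(node: Any, target: str, path: str = "") -> list[str]:
    """Paths of every Ref, Fn::GetAtt or DependsOn that still names `target`.
    CloudFormation rejects a template that references a resource it lacks."""
    hits: list[str] = []
    if isinstance(node, dict):
        if node.get("Ref") == target:
            hits.append(f"{path}/Ref")
        getatt = node.get("Fn::GetAtt")
        if (isinstance(getatt, list) and getatt[:1] == [target]) or (
                isinstance(getatt, str) and getatt.split(".")[0] == target):
            hits.append(f"{path}/Fn::GetAtt")
        dep = node.get("DependsOn")
        if dep == target or (isinstance(dep, list) and target in dep):
            hits.append(f"{path}/DependsOn")
        for key, value in node.items():
            hits += find_references(value, target, f"{path}/{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits += find_references(value, target, f"{path}[{i}]")
    return hits


def rewrite_references(node: Any, target: str, arn: str) -> Any:
    """Copy of `node` in which Ref / Fn::GetAtt Arn of `target` become the literal
    ARN of the existing provider and DependsOn entries on `target` are dropped."""
    if isinstance(node, dict):
        if node.get("Ref") == target or node.get("Fn::GetAtt") in ([target, "Arn"], f"{target}.Arn"):
            return arn
        out: dict[str, Any] = {}
        for key, value in node.items():
            if key == "DependsOn":
                value = [d for d in ([value] if isinstance(value, str) else value) if d != target]
                if not value:
                    continue
            out[key] = rewrite_references(value, target, arn)
        return out
    if isinstance(node, list):
        return [rewrite_references(v, target, arn) for v in node]
    return node


def prepare_template(template: dict[str, Any], existing_provider_arn: str = ""):
    """Return (edited template, audiences to add, paths still referencing the
    removed resource). Pass the existing provider's ARN to rewrite references."""
    edited = json.loads(json.dumps(template))  # deep copy; leave the input alone
    audiences = extract_audiences(edited)
    edited.get("Resources", {}).pop(OIDC_RESOURCE, None)
    if existing_provider_arn:
        edited = rewrite_references(edited, OIDC_RESOURCE, existing_provider_arn)
    return edited, audiences, find_references(edited, OIDC_RESOURCE)


def apply_audiences(provider_arn: str, audiences: list[str]) -> list[str]:
    """Programmatic equivalent of IAM > Identity providers > Add audience.
    Returns the provider's ClientIDList afterwards. Needs boto3 and credentials."""
    import boto3  # local import so the offline template edit needs no AWS SDK
    iam = boto3.client("iam")
    for aud in audiences:  # the IAM API is idempotent, so re-adding an audience is harmless
        iam.add_client_id_to_open_id_connect_provider(OpenIDConnectProviderArn=provider_arn, ClientID=aud)
    return iam.get_open_id_connect_provider(OpenIDConnectProviderArn=provider_arn)["ClientIDList"]


if __name__ == "__main__":  # usage: prep_template.py template.json out.json [existing-provider-arn]
    with open(sys.argv[1], encoding="utf-8") as f:
        tpl = json.load(f)
    out, auds, left = prepare_template(tpl, sys.argv[3] if len(sys.argv) > 3 else "")
    with open(sys.argv[2], "w", encoding="utf-8") as f:
        json.dump(out, f, indent=2)
    print("audiences to add to the existing identity provider:", *auds, sep="\n  ")
    for p in left:
        print("still references the removed resource:", p, file=sys.stderr)
    sys.exit(1 if left else 0)
```

The ARN of the existing provider follows the IAM pattern `arn:aws:iam::<account-id>:oidc-provider/sts.windows.net/<identity-provider-id>/`; confirm it with `aws iam list-open-id-connect-providers` before passing it in. The same audience step can be done from the AWS CLI with `aws iam add-client-id-to-open-id-connect-provider --open-id-connect-provider-arn <arn> --client-id <audience>` once per entry, and `aws iam get-open-id-connect-provider` shows the resulting `ClientIDList`. A non-zero exit from the script means the saved template still contains references that CloudFormation would reject.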
Next steps
- Assign access to workload owners.
- Protect all of your resources with Defender for Cloud.
- Set up your on-premises machines and Google Cloud Platform (GCP) projects.
- Get answers to common questions about onboarding your AWS account.
- Troubleshoot your multicloud connectors.