AWS Overview

Overview of steps

  1. Create a cross account IAM role that's used by the Valtix Controller to manage your cloud account
  2. Create an IAM role that is assigned to the Valtix Gateway EC2 instances that run in your account
  3. Create a CloudWatch event rule that transfers the management events to the Valtix Controller
  4. Create an IAM role for the above CloudWatch event rule that grants it permission to transfer the management events
  5. Optionally create an S3 bucket in your account to store CloudTrail Events, Route53 DNS query logs and VPC Flow Logs
  6. Enable Route53 DNS Query Logging with the destination as the S3 Bucket created above and select the VPCs for which query logging must be enabled
  7. Enable CloudTrail to log all the management events to the S3 Bucket created above
  8. Enable VPC Flow Logs with destination as the S3 Bucket created above

The next section(s) provide the details on configuring the above items.
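
Steps 1, 2 and 4 each create a role with a different trusted party: the controller's AWS account, the EC2 service, and the CloudWatch Events service. The following added example (not Valtix code) lints a role's trust policy against that intent; the account ID is a constructed placeholder, the function names are hypothetical, and the external ID requirement on the cross-account role is an assumption based on common AWS practice.

```python
import json

# Constructed placeholder; use the controller account ID given by the vendor.
CONTROLLER_ACCOUNT = "111111111111"

# Who should be allowed to assume each of the three roles in the steps above.
EXPECTED = {
    "controller": ("AWS", f"arn:aws:iam::{CONTROLLER_ACCOUNT}:root"),  # step 1
    "gateway": ("Service", "ec2.amazonaws.com"),                       # step 2
    "events": ("Service", "events.amazonaws.com"),                     # step 4
}

def as_list(value):
    return value if isinstance(value, list) else [value]

def check_trust(kind, policy_json):
    """Return findings for one role's trust policy; an empty list means OK."""
    findings = []
    statements = as_list(json.loads(policy_json).get("Statement", []))
    allows = [s for s in statements if s.get("Effect") == "Allow"]
    if not allows:
        findings.append("no Allow statement")
    for stmt in allows:
        principal = stmt.get("Principal")
        if not isinstance(principal, dict):
            findings.append("wildcard or missing principal")
            continue
        for ptype, values in principal.items():
            for value in as_list(values):
                if value == "*":
                    findings.append("wildcard principal")
                elif (ptype, value) != EXPECTED[kind]:
                    findings.append(f"unexpected principal {ptype}:{value}")
        # Assumption: the cross-account role is pinned with an external ID,
        # the usual guard against the confused-deputy problem.
        if kind == "controller":
            cond = stmt.get("Condition", {}).get("StringEquals", {})
            if not cond.get("sts:ExternalId"):
                findings.append("missing sts:ExternalId condition")
    return findings

# Constructed sample: cross-account trust without an external ID.
WEAK_CONTROLLER = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": f"arn:aws:iam::{CONTROLLER_ACCOUNT}:root"}}]})

if __name__ == "__main__":
    print(check_trust("controller", WEAK_CONTROLLER))
```

Feed it the trust policy document of each role after creation, for example the `AssumeRolePolicyDocument` returned by `aws iam get-role`.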