Step 1/2: Configure AWS Accounts & Services for CSA
On the Accounts & Services screen provide your AWS account number, account name, and admin email address. Then enable the services you want to run on the AWS accounts.
Enter the AWS account number, account name, and admin email address in the text box. You can upload a CSV file with the account information, or enter it individually using the following format:
123456789012,test,andrew@netskope.com 764389765412,develop 345689713654,production,timms@netskope.com
Note
Account name is required to help you easily identify each account in the Netskope tenant. Email address is optional.
For information on how to create a CSV file, see Creating a CSV file.
In the Services section, select Security Posture.
This feature scans the AWS resources for misconfigurations and measures them against compliance benchmarks and best practices such as, CIS, PCI-DSS, NIST, and Netskope's recommended best practices.
You can view the compliance status of your resources in the Compliance > Security Posture, IaaS > Overview, and IaaS > Inventory pages.
After providing the account information and selecting the services, proceed to Step 2/2: Configure AWS Permissions for CSA.
Creating a CSV file
An effortless way to add multiple AWS accounts in the setup screen is to create a CSV file with the account numbers, account names, and email addresses.
You can use Microsoft Excel or Google Sheets to create a CSV file. To get the list of AWS account numbers, account names, and email addresses using the AWS CLI, run the following command:
aws --output=text organizations list-accounts | awk -F'\t' '{printf("%s,%s,%s\n",$4,$7,$3)}'
The output of this command can then be copied to a spreadsheet in Microsoft Excel or Google Sheets and saved as a comma separated CSV, as shown in the screenshot.
This CSV file can then be uploaded to the setup screen.