Updating AWS Instances Post Setup
You can change or modify the email address and, add or remove services from AWS accounts in the Netskope UI. When you add or remove services from an account, a new CFT is generated with updated permissions. The new CFT must be uploaded to the CloudFormation stack in the AWS account to update the account with the service changes. However, changing only the email address does not generate a new CFT and does not require you to update the CloudFormation stack.
In the Settings > API-enabled Protection > Cloud Infrastructure page, click on the AWS account to view the edit screen.
If you only want to edit the email address, provide the new Admin email and click Save.
If you have added or removed services on this screen, download the new CFT and update the CloudFormation stack in the AWS accounts. For instructions on how to update the stack, see Updating the stack.
Confirm that a cross account role with permissions is created in each AWS account. Click Save.
Alternatively, you can use Netskope's REST API to update a Netskope instance of the AWS account.
https://<tenant-name>.goskope.com/api/v1/public_cloud/account?token=<token>&op=update
For more information on REST API endpoints see, Public Cloud API Endpoints for REST API v1.
Updating the stack
When a new CFT is generated in the Netskope UI, you must update the CloudFormation stack with the latest CFT. To update the stack,
Log into the AWS Management Console and navigate to the CloudFormation page.
Click on the stack you created previously to upload the CFT.
In the stack page, click Update.
In the Update stack page, select Replace current template and under Specify Template, select Upload a template file.
Click Choose file to upload the new aws-instance-setup.yml. Click Next.
Click Next on the Specify stack details page and the Configure stack options page.
Review your stack details on the Review page and click Update stack.