Getting Started on PingSafe
  1. PingSafe Knowledge Base
  2. Getting Started on PingSafe

Connect your AWS Organization with PingSafe

Pingsafe has introduced Cross-Account access as an option for the AWS integration. This new method lets you onboard the AWS cloud organization to PingSafe in just a few clicks.

  1. From the left navigation panel, click on the “Add an Account” button present under the “Cloud Security”.
  2. Click on the “Connect” button present under “Amazon AWS”.
  3. Select “Organization” from the “Onboard” option and select the “Scan” Mode.
    • Detect Mode: PingSafe has read-only access to the resources in your AWS Cloud account. 
    • Detect & Auto remediate: PingSafe have read/write access to the resources. You will have to enable/disable this feature for each plugin that supports auto remediation.
  4. Log in to your AWS Management account.
  5. Click on the “Launch Stack” button from CloudFormation Template.
  6. Select “I acknowledge that AWS CloudFormation might create IAM resources” and click on the “Create Slack” button.
  7. When the stack status is CREATE_COMPLETE, click on the “Outputs” tab.
  8. Copy the “RoleARN” value.
  9. Paste the copied RoleARN in the “Management Role ARN” on the PingSafe and click on the “Next” button.
  10. Download the “CloudFormation Template”.
  11. Login to your AWS Management Account using the AWS console by clicking on the “click here” button.
  12. Click on the “Upload a template file”, browse the downloaded template file, and click on the “Next” button.
  13. Fill in the “StackSet name” and click on the “Next” button.
  14. Proceed with the default “Managed execution (Inactive)” and click on the “Next” button.
  15. Under Set deployment options, select the region in the “Specify regions” section.
  16. Under Deployment options, set “Maximum concurrent accounts” to 10” and click on the “Next” button.
  17. Select “I acknowledge that AWS CloudFormation might create IAM resources with custom names” and click on the “Submit” button.
  18. When the status is “SUCCEEDED”, click on the “Parameters“ tab”.
  19. Copy the “CloudRoleName” value.
  20. Paste the copied “CloudRoleName” in the “Member Role Name” input field on PingSafe.
  21. Select “I verify that the StackSet has been created successfully” and click on the “Next” button.
  22. Select the account you want to scan and click on the “Next” button.
  23. Select the Compliance(optional) and then click on the “Finish” button.
  24. Note that the Organization has been successfully onboarded.