Connecting your AWS account via Terraform

To connect your AWS account with our platform, download the following Terraform code and apply it in the account you want scanned. It creates an IAM role named 13SecurityScanRole that the 13 Security scanner assumes from its own AWS account, using the external ID issued to you, with the SecurityAudit and ViewOnlyAccess managed policies plus a small set of additional view permissions:

13_security_scan_role.tf

provider "aws" {
  # IAM is a global service; the region only selects the provider's API endpoint.
  region = "us-west-2"
}

variable "external_id" {
  description = "External ID that 13 Security will use to assume the role 13SecurityScanRole from your 13 Security account."
  type        = string
}

# Terraform resource labels may not start with a digit, so the labels below
# differ from the IAM names (13SecurityScanRole etc.) that end up in AWS.
resource "aws_iam_role" "security_scan_role" {
  name = "13SecurityScanRole"

  # Trust policy: only the 13 Security scanner user may assume this role, and
  # only when it presents the external ID issued to you.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Principal = {
          AWS = "arn:aws:iam::975049992047:user/security-scanner"
        }
        Action = "sts:AssumeRole"
        Condition = {
          StringEquals = {
            "sts:ExternalId" = var.external_id
          }
          # Pins the calling principal's ARN a second time, in addition to the
          # Principal element above.
          StringLike = {
            "aws:PrincipalArn" = "arn:aws:iam::975049992047:user/security-scanner"
          }
        }
      }
    ]
  })

  # Scanner sessions are capped at one hour.
  max_session_duration = 3600

  tags = {
    Service        = "https://13security.com"
    Support        = "[email protected]"
    CloudFormation = "true"
    Name           = "13SecurityScanRole"
    Version        = "1.0.1"
  }
}

resource "aws_iam_role_policy_attachment" "security_audit" {
  role       = aws_iam_role.security_scan_role.name
  policy_arn = "arn:aws:iam::aws:policy/SecurityAudit"
}

resource "aws_iam_role_policy_attachment" "view_only_access" {
  role       = aws_iam_role.security_scan_role.name
  policy_arn = "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess"
}

resource "aws_iam_policy" "additional_view_privileges" {
  name        = "13SecurityRoleAdditionalViewPrivileges"
  description = "Additional View Privileges for 13SecurityScanRole"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        # Read-only actions not covered by SecurityAudit/ViewOnlyAccess. The one
        # write action in this list is securityhub:BatchImportFindings, which
        # lets the caller publish findings into your Security Hub.
        Action = [
          "account:Get*",
          "appstream:Describe*",
          "appstream:List*",
          "backup:List*",
          "cloudtrail:GetInsightSelectors",
          "codeartifact:List*",
          "codebuild:BatchGet*",
          "cognito-idp:GetUserPoolMfaConfig",
          "dlm:Get*",
          "drs:Describe*",
          "ds:Get*",
          "ds:Describe*",
          "ds:List*",
          "dynamodb:GetResourcePolicy",
          "ec2:GetEbsEncryptionByDefault",
          "ec2:GetSnapshotBlockPublicAccessState",
          "ec2:GetInstanceMetadataDefaults",
          "ecr:Describe*",
          "ecr:GetRegistryScanningConfiguration",
          "elasticfilesystem:DescribeBackupPolicy",
          "glue:GetConnections",
          "glue:GetSecurityConfiguration*",
          "glue:SearchTables",
          "lambda:GetFunction*",
          "logs:FilterLogEvents",
          "lightsail:GetRelationalDatabases",
          "macie2:GetMacieSession",
          "s3:GetAccountPublicAccessBlock",
          "shield:DescribeProtection",
          "shield:GetSubscriptionState",
          "securityhub:BatchImportFindings",
          "securityhub:GetFindings",
          "ssm:GetDocument",
          "ssm-incidents:List*",
          "support:Describe*",
          "tag:GetTagKeys",
          "wellarchitected:List*"
        ]
        Resource = "*"
      }
    ]
  })
}

# Attach the managed policy by ARN rather than copying its document into an
# inline policy, so the aws_iam_policy resource above is actually used.
resource "aws_iam_role_policy_attachment" "additional_view_privileges" {
  role       = aws_iam_role.security_scan_role.name
  policy_arn = aws_iam_policy.additional_view_privileges.arn
}

resource "aws_iam_policy" "api_gateway_view_privileges" {
  name        = "13SecurityRoleApiGatewayViewPrivileges"
  description = "API Gateway View Privileges for 13SecurityScanRole"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        # API Gateway ARNs carry no account ID: arn:aws:apigateway:<region>::/<path>
        Action = "apigateway:GET"
        Resource = [
          "arn:aws:apigateway:*::/restapis/*",
          "arn:aws:apigateway:*::/apis/*"
        ]
      }
    ]
  })
}

resource "aws_iam_role_policy_attachment" "api_gateway_view_privileges" {
  role       = aws_iam_role.security_scan_role.name
  policy_arn = aws_iam_policy.api_gateway_view_privileges.arn
}

Use the external_id value issued to you by our platform. You can pass it to Terraform in either of the following ways:

Option 1: Directly on the command line

terraform apply -var="external_id=your_external_id_value"

Option 2: In a terraform.tfvars file

external_id = "your_external_id_value"
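The script below is an added example by the editor, not code from the 13 Security module or from this page. It is the check you can run yourself before applying the file above: it reads the JSON plan written by `terraform plan -out tfplan && terraform show -json tfplan > plan.json` and verifies, for every aws_iam_role in it, that only the scanner principal named in the trust policy may assume the role and that every AssumeRole call must present the external ID you passed in (the external ID is what stops an unrelated third party from getting the scanner to assume your role, the confused-deputy problem). The plan document embedded at the bottom is constructed, with one compliant role and one deliberately weakened one, and the external ID value is a placeholder; the TF_VAR_external_id environment variable it reads is Terraform's own convention for variable values.

```python
"""Pre-apply lint for the trust policy of 13SecurityScanRole (added example).

Reads a `terraform show -json` plan and checks each aws_iam_role for the two
properties the role on this page relies on: a single expected principal and an
enforced sts:ExternalId condition. SAMPLE_PLAN below is constructed by hand.
"""
import json
import os

# Principal named in the page's trust policy; the external ID is a placeholder.
SCANNER_PRINCIPAL = "arn:aws:iam::975049992047:user/security-scanner"
ISSUED_EXTERNAL_ID = "example-external-id"


def _as_list(value):
    """IAM accepts a scalar or an array in most fields; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def check_trust_policy(doc, expected_principal, expected_external_id):
    """Return a list of findings for one trust policy; an empty list is a pass."""
    findings = []
    for stmt in _as_list(doc.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        if not any(a in ("sts:AssumeRole", "sts:*", "*") for a in actions):
            continue  # not an assume-role grant, nothing to check
        principal = stmt.get("Principal", {})
        if principal == "*":
            findings.append("anyone may assume the role (Principal is '*')")
            continue
        for kind in principal:
            if kind != "AWS":  # Service / Federated principals do not belong here
                findings.append(f"unexpected principal type {kind!r}")
        for arn in _as_list(principal.get("AWS")):
            if arn != expected_principal:  # catches account roots and wildcards too
                findings.append(f"unexpected principal {arn!r}")
        condition = stmt.get("Condition", {})
        external_ids = _as_list(condition.get("StringEquals", {}).get("sts:ExternalId"))
        if not external_ids:
            findings.append("no sts:ExternalId condition on the assume-role grant")
        elif expected_external_id not in external_ids:
            findings.append("sts:ExternalId does not match the issued external ID")
    return findings


def trust_policies_from_plan(plan):
    """Yield (address, trust policy dict) for each aws_iam_role in the root module.
    Terraform stores assume_role_policy as a JSON string, hence the json.loads."""
    root = plan.get("planned_values", {}).get("root_module", {})
    for resource in root.get("resources", []):
        if resource.get("type") == "aws_iam_role":
            yield resource["address"], json.loads(resource["values"]["assume_role_policy"])


def lint_plan(plan, expected_principal, expected_external_id):
    """Map every aws_iam_role address in the plan to its list of findings."""
    return {
        address: check_trust_policy(doc, expected_principal, expected_external_id)
        for address, doc in trust_policies_from_plan(plan)
    }


def _trust_document(principal_arn, condition):
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"AWS": principal_arn},
        "Action": "sts:AssumeRole", "Condition": condition}]})


# Constructed plan; the shape follows `terraform show -json` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {"resources": [
    {"address": "aws_iam_role.security_scan_role", "type": "aws_iam_role",
     "name": "security_scan_role",
     "values": {"name": "13SecurityScanRole", "assume_role_policy": _trust_document(
         SCANNER_PRINCIPAL,
         {"StringEquals": {"sts:ExternalId": ISSUED_EXTERNAL_ID},
          "StringLike": {"aws:PrincipalArn": SCANNER_PRINCIPAL}})}},
    # Weakened variant: trusts the whole scanner account and has no external ID.
    {"address": "aws_iam_role.weak_role", "type": "aws_iam_role",
     "name": "weak_role",
     "values": {"name": "WeakScanRole", "assume_role_policy": _trust_document(
         "arn:aws:iam::975049992047:root", {})}},
]}}}


if __name__ == "__main__":
    import sys

    if len(sys.argv) > 1:  # python lint_trust.py plan.json
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    external_id = os.environ.get("TF_VAR_external_id", ISSUED_EXTERNAL_ID)
    for address, findings in lint_plan(plan, SCANNER_PRINCIPAL, external_id).items():
        print(address, "OK" if not findings else "; ".join(findings))
```

Run it as `TF_VAR_external_id=your_external_id_value python lint_trust.py plan.json` (the script name is assumed); setting TF_VAR_external_id also works as a third way of passing the variable to Terraform itself. Note that you cannot test the AssumeRole path end to end from your side: the only principal the trust policy admits is 13 Security's scanner user, so the plan check above is the verification available to you before the first scan.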

For additional assistance please reach out to our support team.
