Designed for new users, the quick start workflow offers an efficient setup process for Cloud Security Management, enabling immediate monitoring of AWS resources. It uses AWS CloudFormation to automate the configuration, and includes the Cloud Security Management features: Misconfigurations, Identity Risks (CIEM), and Vulnerability Management.

This article provides instructions for the new user quick start workflow that uses AWS CloudFormation to set up Agentless Scanning. For existing users who want to add a new AWS account or enable Agentless Scanning on an existing integrated AWS account, see the instructions for Terraform or AWS CloudFormation.
Running Agentless scanners incurs additional costs. To optimize these costs while still ensuring reliable 12-hour scans, Datadog recommends setting up Agentless Scanning with Terraform as the default template.

Installation

  1. On the Intro to Cloud Security Management page, click Get Started with Cloud Security Management.
  2. Click Quick Start. The Features page is displayed, showing the features included with Agentless Scanning Quick Start.
  3. Click Start Using Cloud Security Management to continue.
  4. Select the AWS region where you want to create the CloudFormation stack.
  5. Select an API key that is already configured for Remote Configuration. If the API key you select does not have Remote Configuration enabled, Remote Configuration is automatically enabled for that key upon selection.
  6. Send AWS Logs to Datadog and Enable Cloud Security Management are automatically selected by default. Leave the selections as is.
  7. In the Agentless Scanning section, toggle Host Vulnerability Scanning, Container Vulnerability Scanning, Lambda Vulnerability Scanning, and Data Security Scanning to the on position.
  8. Click Launch CloudFormation Template. A new window opens, displaying the AWS CloudFormation screen. Use the provided CloudFormation template to create a stack. The template includes the IAM permissions required to deploy and manage Agentless scanners.

Exclude resources from scans

To exclude AWS hosts, containers, and Lambda functions from scans, apply the tag DatadogAgentlessScanner:false to each resource. For detailed instructions on adding this tag, refer to the AWS documentation.
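To review which resources are currently opted out of scanning, the following added example (not Datadog's own code) audits tag data shaped like the output of `aws resourcegroupstaggingapi get-resources`. The sample ARNs are constructed, and flagging differently-cased tags for review rather than counting them as exclusions is an assumption, since this page only documents the exact spelling.

```python
import json
from collections import defaultdict

TAG_KEY, TAG_VALUE = "DatadogAgentlessScanner", "false"  # tag from this page

# Constructed sample shaped like the output of
# `aws resourcegroupstaggingapi get-resources`; ARNs and IDs are made up.
SAMPLE = json.loads("""
{"ResourceTagMappingList": [
  {"ResourceARN": "arn:aws:ec2:us-east-1:111122223333:instance/i-0aaa1111bbbb2222c",
   "Tags": [{"Key": "DatadogAgentlessScanner", "Value": "false"}, {"Key": "env", "Value": "prod"}]},
  {"ResourceARN": "arn:aws:lambda:us-east-1:111122223333:function:billing-export",
   "Tags": [{"Key": "DatadogAgentlessScanner", "Value": "False"}]},
  {"ResourceARN": "arn:aws:ec2:eu-west-1:111122223333:instance/i-0ccc3333dddd4444e",
   "Tags": [{"Key": "datadogagentlessscanner", "Value": "false"}]},
  {"ResourceARN": "arn:aws:ec2:eu-west-1:111122223333:instance/i-0eee5555ffff6666a",
   "Tags": [{"Key": "env", "Value": "dev"}]}
]}
""")


def audit_exclusions(response):
    """Split resources into exact-tag exclusions and near-miss tags to review."""
    excluded, review = defaultdict(list), []
    for item in response.get("ResourceTagMappingList", []):
        arn = item["ResourceARN"]
        # ARN layout: arn:partition:service:region:account:resource
        _, _, service, region, _, _ = arn.split(":", 5)
        for tag in item.get("Tags", []):
            key, value = tag["Key"], tag["Value"]
            if key == TAG_KEY and value == TAG_VALUE:
                excluded[(service, region)].append(arn)
            elif key.lower() == TAG_KEY.lower() and value.strip().lower() == TAG_VALUE:
                # Assumption: only the exact spelling on this page is known to
                # work, so differently-cased tags are flagged, not counted.
                review.append((arn, f"{key}:{value}"))
    return dict(excluded), review


if __name__ == "__main__":
    excluded, review = audit_exclusions(SAMPLE)
    for (service, region), arns in sorted(excluded.items()):
        print(f"excluded {service}/{region}: {len(arns)}")
    for arn, tag in review:
        print(f"review   {arn} has {tag}")
```

Resources in the review list carry a tag that looks like an exclusion but does not match the documented spelling, so confirm in Datadog whether they are still being scanned.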

Update the CloudFormation stack

Datadog recommends updating the CloudFormation stack regularly to get new features and bug fixes as they are released. To do so, follow these steps:

  1. Log in to your AWS console and go to the CloudFormation Stacks page.
  2. Select the DatadogIntegration-DatadogAgentlessScanning-… CloudFormation sub-stack, click Update, then click Update nested stack.
  3. Click Replace existing template.
  4. In the following S3 URL: https://datadog-cloudformation-template-quickstart.s3.amazonaws.com/aws/<VERSION>/datadog_agentless_scanning.yaml, replace <VERSION> with the version found in aws_quickstart/version.txt. Paste that URL into the Amazon S3 URL field.
  5. Click Next to advance through the next several pages without modifying them, then submit the form.

Disable Agentless Scanning

  1. On the Cloud Security Management Setup page, click Cloud Integrations > AWS.
  2. To disable Agentless Scanning for an account, click the Edit button and toggle the Agentless Scanning section to the off position.
  3. Click Done.

Uninstall Agentless Scanning

To uninstall Agentless Scanning, log in to your AWS console and delete the CloudFormation stack created for Agentless Scanning.
