/
Deploying AUTOMATE+ to an additional AWS account

Deploying AUTOMATE+ to an additional AWS account

Owned by Paul Tompkins (Unlicensed)
Last updated: Jun 06, 2024
2 min read

How to sign-up and deploy AUTOMATE+ to a new AWS Account(s)

To deploy AUTOMATE+ to an additional AWS Account, please follow the steps below.
If you run into any issues during the process, please contact support@6pillars.ai for assistance.

 

There is also a Deployment FAQ and additional information on Deployment Requirements.

 

  1. Open your browser and login to the AWS account that you wish to deploy AUTOMATE (read only) or AUTOMATE+ into.

  2. Ensure you are logged in with the appropriate IAM user and that the IAM role has sufficient privledges to deploy AUTOMATE+.

  3. Open a new tab in your browser and browse to the app.6pillars.ai portal.

  4. Ensure that you have popups turned on from app.6pillars.ai and 6pillars.ai.

    1. Instructions on how to enable popups for 6pillars.ai for your browser can be found here.

  5. Login to your AUTOMATE+ account.

 

Deploy AUTOMATE+ to your first AWS Account - Deployment Steps

Open the AUTOMATE+ portal, choose "Manage" as part of the main quickbar at the top of the screen inside the SaaS portal after you have logged in, then "Accounts" and finally "Deploy to AWS Account"

 

Select your preferred deployment type:

  • AUTOMATE+ to deploy the full platform (including Continuous Compliance - fix misconfigurations and enforce compliance)

With AUTOMATE+ all remediation features are deployed to a read-only / alert-only state.

NO AUTOMATION IS TRIGGERED at time of deployment, auto-remediation needs to be enabled/configured by you.

 

  • AUTOMATE (the read-only version)

 

Name your deployment, we recommend provide a name with a sequence that easily helps you understand which accounts you have connected when looking at them in a list. Otherwise when you look at your accounts in a list later with just the AWS account numbers and no easy reference, its unlikely to mean much to you in the future. For example: Orgname-Prod1-1

 

Select the region the AWS services that you wish to have visibility of are currently deployed into.

 

A new tab will open with a pre-filled CloudFormation stack (please ensure that pop-ups are enabled and new tabs are allowed within your browser at least for the 6pillars app.6pillars.ai portal) check the IAM acknowledgement checkbox at the bottom of the page and click Create Stack.

 

Deployment has kicked off time to go get a Tea or a Cup of Coffee!

 

Deployment timeframe

Deployment will now happen automatically over the next 15 minutes. If AWS Security Hub was not previously enabled in the AWS account then it will take 18-24 hours before findings will show or reviews can be performed.

 

Hardening the Cross Account role

The final (automated) step of the deployment process is to harden the Cross-Account role, at this time all permissions are reduced to the minimum requirement.

Details on the Cross Account Role & working with AWS permissions can be found here.

 

If you run into any challenges with deployment or have questions, please contact support@6pillars.ai for assistance.

Related content