Skip to content

AWS Cloud Account Setup

Satori’s Data Discovery integration with AWS enables you to discover and classify data across your AWS environment automatically. This connection allows Satori to scan your environment and enhance visibility and security without disrupting data workflows.

Perform the following steps to connect your AWS account to the Satori Management Console.

Note: Satori supports both data discovery and classification for AWS accounts. You can choose which DAC will run the data discovery process. Support for selecting a DAC for data classification is not yet available. Classification is currently performed through the Satori SaaS platform. Please contact your Satori representative for more information.

Prerequisites

Before you start, ensure that you have the following:

  • You have access to the AWS account with appropriate IAM privileges.
  • You have the AWS Account ID and the appropriate user credentials ready.

Screenshot

Configuring an AWS Cloud Account

Screenshot

Perform the following steps to connect Satori to your AWS Cloud Account:

  1. Go to the Settings / Cloud Accounts view and click the plus button to add a cloud account.
  2. Select the Amazon Web Services (AWS) option.
  3. Enter a descriptive name for this integration in the Name input field.

Perform the AWS-specific inline instructions as they appear in the Add new cloud Account view:

Step 1: Select Data Access Controller - Choose the AWS DAC for the discovery process. Consult your Satori representative about setting up the data classification process.

Step 2: Select Environment - Set the default environment for discovered data stores of this cloud account. The environment type impacts the risk score calculated for data stores.

Step 3: Enter AWS Connection Details - Enter the ID of the AWS account you want to connect to.

Step 4: Generate Setup Instructions - Click Generate Setup Instructions to obtain the specific configuration steps.

These steps include setting up a cross-account IAM role, defining trust relationships, and assigning the necessary permissions for Satori to access AWS metadata.

Step 5: Confirm Configuration - After completing the AWS-side configuration, return to the Satori console and check the Successfully Configured checkbox to acknowledge completion. Click Enable Cloud Account to finalize the setup. Data Discovery will now be active for this AWS account.

Next Steps

Once enabled, Satori begins scanning supported data services within the configured AWS account. You can view and manage discovered assets in the Data Inventory view. Your new Account appears in the Cloud Accounts view.

Now you are ready to add classifications, configure security policies and create datasets to help you govern your AWS account.

Screenshot