Navigation: Billing > Legacy Reports > AWS Security and Compliance Report

TIP: For best results, use Google Chrome when working in the platform

 

Overview:

This article provides information regarding the AWS Security and Compliance Report.

 

The AWS Security and Compliance Report examines a customer’s AWS account and makes a series of best practice recommendations designed to secure the account and achieve compliance goals. The report is available for download in a PDF format and can also be shared via email. Printing the first page of the report will provide a summary by category of possible issues and/or offer suggestions regarding Security, Fault Tolerance, Cost Optimization, Performance and Service Limits. The subsequent pages provide detail on each of the issues. The detail pages will include a description of the alert, the criteria that caused a warning, recommended remediation actions, reference resources and a grid identifying the instances that tripped the alarms. 

 

The requirements of this report are:

1. Business Level Support needs to be activated in the individual AWS accounts.

2. The AWS policy named "AWSSupportAccess" needs to be attached to the Read-only role for Billing.



To modify the ARN role, follow these steps:

1. Log into the AWS account

2. From the AWS services page, select “Identity & Access Management”

3. Select Roles 

4. Find the role previously created for SES to access the billing data and click on the name itself to modify the Role.

5. Select Attach Policy and find AWSSupportAccess, check the box on the left, go to the bottom right and click Attach. 


 

Example: Role Summary page (above)

Under the Permission section of the screen, a ReadOnlyAccess policy is already applied.  



 

Example:  ReadOnlyAccess is currently selected (above)

a. In the search field (below), type 'support' to find AWSSupportAccess policy

 


b. Select "AWSSupportAccess" from the list, then click the [Attach Policy] button in the lower right-hand corner

c. The Managed Policies section will look like the screenshot below when the policy is attached correctly.

***Note: You can only attach 2 policies.***

 


Example:  The setup is complete and is now ready for the new SES AWS Security and Compliance Report. Log out of the AWS account.


To run the report in the platform, follow these steps:


1. Log into SES

2. Select the Billing module

3. Select Legacy Reports

4. Select the AWS Security and Compliance Report

5. Select a customer

6. Select an AWS account

7. Click [Export PDF].  The report will run and provide a progress status.  When complete, the report is available for download.





EXAMPLE AWS Security and Compliance Report below: