Getting Started

Getting Started with ASecureCloud

Sign in to your ASecureCloud account or Sign up for a free trial.

Once signed in, you can:

You can also find instructions to add an AWS Organization or an Azure Management Group.

Add an AWS account

Once logged in, click on the “New AWS Account” button.

You can also go to Settings -> Cloud Settings -> New AWS Account

Add your AWS account details

Here you need to provide:

  • AWS Account ID
  • AWS Account Name / Description
  • Workload region (where the workload is deployed, e.g. us-east-1)
  • Account Type (Production, Dev, Sandbox) used for rule severity weighting
  • Enable Scheduled Assessments on/off (default is On)

Add your AWS account details

Once done, click on the “Add Account and Create Profile” button.

Create the authentication profile

Here you select permissions for the ASecureCloud to access your AWS account.

  • Read-only access (default)
  • Read/Write access to the well-Architected tool (if you want to write back to the Well-Architected tool)

Note: You can select read-only or none if you do not use the well-Architected tool.

Create the authentication profile

Once done, click on the “Continue Profile Setup” button.

Finalize the profile setup

Select the IAM Role Name that will be used to access your AWS account.

The system will generate a template for you in both

  • cloudformation
  • terraform

Click on the “Deploy with CloudFormation” button (recommended). You can also download the Terraform template or follow the instructions and create it manually.

Finalize the profile setup

This will open a new tab to the AWS console where you can review the template and deploy it.

Once the deployment is complete, come back to ASecureCloud and click on the “Validate” button.

Validate the profile

If the profile is valid, you will see a green checkmark.

Validate the profile

You can now click on the “Create Profile and Launch Assessment” button.

Recap

Here is a quick gif summarizing the process:

AWS onboarding

Add an Azure subscription

Add an Azure Tenant

Click on the “Add Azure Tenant” button. You can also go to Settings -> Cloud Settings -> Add Azure Tenant

In the pop-up window, you need to provide:

  • Scope (Azure + EntraID, EntraID only, or M365)
  • Azure Tenant ID
  • Azure Tenant Name / Description
  • Endpoint type (Azure Public or Azure Government)
  • Enable Scheduled Assessments (default is On)

Once done, click on the “Next: Subscription Onboarding Method” button.

Subscription Onboarding Method

In this step, you can either provide

  • Azure Subscription ID (multiple subscriptions are supported)
  • Onboard a Management Group and list all subscriptions in the management group for you to choose from

Select “Manually enter Subscription IDs” and click on “Next:Input Subscriptions” button.

Input Subscriptions IDs

You can now input the Azure Subscription IDs. For each subscription, you need to provide:

  • Subscription ID
  • Subscription Description
  • Environment (Dev, Test, Production)

Click on + Additional Subscription button to add more subscription ID.

Once done, click on the “Next: Verify Connection” button.

Verify Connection

Using the information you provided, the system will generate various templates including:

  • Terraform template
  • PowerShell script
  • Manual steps

Download the template to deploy to Azure and create the Service Principal.

Once created in Azure, you will need to collect the Service Principal details and enter them in the verify connection window.

  • client ID
  • client secret
  • tenant ID

If the connection is successful, you will see a green checkmark.

Verify connection

Once done, click on the “Save Settings” button.

Support

If you encounter any issues during the onboarding process, please contact support

Next Steps

After successful onboarding, it’s time to review the assessment results.

HomeDashboard