Manually setting up Amazon AWS cross-account access by using the AWS IAM service

Cross-account access enables an IAM user in one Amazon AWS account to access the AWS resources of another AWS account. After you set up the cross-account access for an IAM user, you must provide the access and secret key of that IAM user and the ARN (Amazon Resource Name) of the policy you create in this procedure to IBM® QRadar® Cloud Visibility. This process provides QRadar Cloud Visibility with access to the necessary resources across multiple AWS accounts.

About this task

Throughout this task, the AWS account that contains the IAM user is called the “trusted account” to QRadar Cloud Visibility. The AWS account to which the IAM user gains access is called a “trusting account” to QRadar Cloud Visibility because that account trusts the “trusted account”.

You can have only one trusted account, but you can have multiple trusting accounts.

Note: If you are configuring only one AWS account, that account is both a trusted and a trusting account. You must complete both of the following procedures to configure that account.
Use the following manual workflow to configure your AWS accounts with cross-account access for QRadar Cloud Visibility, or use the wizard in the configuration setup:
  1. List the AWS accounts that you want to configure for QRadar Cloud Visibility.
  2. Select one of the AWS accounts from the list as the trusted account. If you have only one AWS account, that is the trusted account.
  3. All of your AWS accounts in the list, including the trusted account, are trusting accounts. If you have only one AWS account, that is the trusting account.
  4. Follow the procedure to configure a trusting AWS account for all of your AWS accounts in the list.
  5. Follow the procedure to configure the trusted AWS account.
  6. Update the Amazon AWS account configuration in QRadar Cloud Visibility.

What to do next

Configure a trusting AWS account.