Architecture

Deploying this ABI with default parameters builds the following architecture.

Architecture diagram Architecture diagram

As shown in the diagram, the Quick Start sets up the following:

  • In all current and AWS accounts in your AWS organization:

    • to <detect changes in AWS Config configuration items (CIs)> and .
    • to perform and .

  • In the management account:

    • to perform and .

  • In the log archive account:

    • to perform and .

  • In the security tooling account:

    • to perform and .

Architecture overview

The integration establishes a connection between and your AWS environment. uses IAM roles and policies to access and collect security-related data from your AWS accounts.

The deployment of the is automated using AWS CloudFormation. CloudFormation templates are used to provision the required resources, including IAM roles, S3 buckets,[….], and [….].

collects [….] from various AWS services, such as , , and . These events are processed and analyzed by ’s to provide additional capabilities like [….].

Based on the information collected, provides [….] to improve [….] of your AWS environment. These findings help you perform [….].

Next: See Deployment options to get started.