TABLE OF CONTENTS
Set Up Events
- Login to the Aqua portal and select CSPM from the mega menu at the top of the page.
- Select Cloud Accounts from the left side navigation pane.
- Locate the desired cloud account and click three dots at the end of the list.
- Select Set Up Events.
- Login to your Azure portal. Ensure you are logged into your Azure subscription with permission to create ARM and Activity Log resources.
- Run the following PowerShell script in your cloud shell.
$scriptPath = 'https://s3.amazonaws.com/cloudsploit-remediation-resources/production/azure/events.ps1';$eventUUID = 'fd37ba3a-841c-4fda-ae04-8b8b6396a3ad';$script = (New-Object System.Net.WebClient).DownloadString($scriptPath);$scriptBlock = [Scriptblock]::Create($script);Invoke-Command -ScriptBlock $scriptBlock;
Always restart the PowerShell and clear the screen before running the script.
7. When the script finishes running the event service should be connected. You get a notification in the terminal: "Aqua Events successfully connected".
Verify Events Setup
Once the events are set up, verify the events setup using the following steps:
- Logout and login of your Azure account.
- In the Aqua portal, select Events from the left navigation pane. Refresh the events page by clicking the refresh button at the top.
- You will receive a new notification for the event as shown in the screenshot.