autobotAI
Bot Library
Pricing
Documentation
Resources
Partner Central

AWS

Overview

The AWS integration enables autobotAI to seamlessly connect with your AWS resources, allowing you to automate various tasks such as managing EC2 instances, S3 buckets, and other AWS services. By deploying a CloudFormation stack, you can easily set up the necessary resources and configurations within your AWS environment. This integration enhances operational efficiency, enabling automated workflows and better resource management directly from autobotAI.

This guide provides instructions for setting up an integration with AWS in your autobotAI account. By completing this process, you will deploy a CloudFormation stack into your AWS environment.

Prerequisites

Before starting, ensure you have the following:

  • An active AWS account.
  • An AWS CloudFormation stack template that you wish to deploy.

Steps to Set Up AWS Integration

Step 1:
Navigate to the Integrations page by selecting Integrations in the menu. Click the + Add Integration button in the top-right corner to view the list of all available integrations.

Add Integration

Step 2:
Under Cloud Service Providers, select AWS + Add to create the AWS integration.

Select AWS Integration

Step 3:
Fill in the required information in the fields provided:

Note: Fields marked with an asterisk (*) are mandatory.

  • Account Name/Alias: Provide a meaningful name or alias for this integration.
  • Groups: Use groups to organize multiple integrations, similar to labels in Gmail.
  • Default Discovery Bots: Select the out-of-the-box bots that will help you view statistics of your AWS account, such as the number of S3 buckets.
AWS Details
Step 4:
Click Next. Step 5:
Select the Execution Method. The Automated option is pre-selected. aws_details

Step 6:
Click Next.

Step 7:
Before clicking on Launch Stack, ensure that you have a logged-in session of the AWS account in the same browser. launch_stack

If you do not have a logged-in session of the AWS account in the same browser, copy the link and open it in a browser where you have an active AWS session.

If everything is ready, click on Launch Stack. You’ll be redirected to your AWS account to deploy the CloudFormation stack.

Step 8:
Follow the prompts in AWS CloudFormation to deploy the stack successfully. aws_stack_deployment aws_stack_deployment
Step 9:
After creating the integration, locate it under Integrations. Click on the three dots next to it, select Test, and ensure your integration is configured correctly with autobotAI. validation

Supported AWS Services

autobotAI integrates with the following AWS services:

Security Services

  • AWS WAF (Web Application Firewall) - Rule management, log analysis, automated remediation
  • AWS Inspector - Vulnerability findings ingestion and automated remediation
  • AWS Security Hub - Centralized security findings aggregation and response
  • Amazon GuardDuty - Threat detection findings and automated response
  • AWS IAM - Identity and access management automation
  • AWS Secrets Manager - Secrets rotation and compliance monitoring
  • AWS Config - Configuration compliance monitoring and remediation

Compute & Container Services

  • Amazon EKS (Elastic Kubernetes Service) - Container security and compliance
  • AWS Lambda - Serverless function management and monitoring
  • Amazon ECS - Container orchestration security
  • Amazon EC2 - Instance security posture management

Networking Services

  • Amazon VPC - Network security group management
  • AWS Security Groups - Automated rule updates and remediation
  • AWS Network Firewall - Policy management and monitoring
  • Amazon CloudFront - Distribution security and WAF integration

Storage & Data Services

  • Amazon S3 - Bucket security, access controls, compliance monitoring
  • Amazon RDS - Database security configuration
  • Amazon DynamoDB - Table security and access management

Management & Orchestration

  • AWS CloudWatch - Metrics, logs, and event-driven workflows
  • AWS CloudTrail - Audit log analysis and compliance monitoring
  • AWS Systems Manager - Automated patching and configuration management
  • AWS Organizations - Multi-account security orchestration

Application Services

  • Amazon API Gateway - API security monitoring and protection
  • AWS App Runner - Application security management
  • Amazon Cognito - User pool security monitoring

Regional Availability

autobotAI supports AWS integrations in all AWS commercial regions where the underlying AWS services are available.

Supported AWS Regions

Americas:

  • US East (N. Virginia) - us-east-1
  • US East (Ohio) - us-east-2
  • US West (N. California) - us-west-1
  • US West (Oregon) - us-west-2
  • Canada (Central) - ca-central-1
  • Canada West (Calgary) - ca-west-1
  • South America (São Paulo) - sa-east-1
  • Mexico (Central) - mx-central-1

Europe:

  • Europe (Ireland) - eu-west-1
  • Europe (London) - eu-west-2
  • Europe (Paris) - eu-west-3
  • Europe (Frankfurt) - eu-central-1
  • Europe (Zurich) - eu-central-2
  • Europe (Stockholm) - eu-north-1
  • Europe (Milan) - eu-south-1
  • Europe (Spain) - eu-south-2

Asia Pacific:

  • Asia Pacific (Mumbai) - ap-south-1
  • Asia Pacific (Hyderabad) - ap-south-2
  • Asia Pacific (Tokyo) - ap-northeast-1
  • Asia Pacific (Osaka) - ap-northeast-3
  • Asia Pacific (Seoul) - ap-northeast-2
  • Asia Pacific (Singapore) - ap-southeast-1
  • Asia Pacific (Sydney) - ap-southeast-2
  • Asia Pacific (Jakarta) - ap-southeast-3
  • Asia Pacific (Melbourne) - ap-southeast-4
  • Asia Pacific (Malaysia) - ap-southeast-5
  • Asia Pacific (Bangkok) - ap-southeast-7
  • Asia Pacific (Hong Kong) - ap-east-1
  • Asia Pacific (Taipei) - ap-east-2

Middle East:

  • Middle East (Bahrain) - me-south-1
  • Middle East (UAE) - me-central-1
  • Israel (Tel Aviv) - il-central-1

Africa:

  • Africa (Cape Town) - af-south-1

Special Regions

AWS GovCloud: Not currently supported AWS China Regions: Not currently supported

Global Services

For AWS CloudFront distributions, autobotAI can manage security configurations that protect content delivered globally through CloudFront edge locations. CloudFront WAF configurations must be created in the us-east-1 region.

Deployment Models

autobotAI supports multiple deployment models for AWS integration:

1. Serverless Deployment (Recommended)

  • Fully serverless architecture deployed in customer's AWS account
  • Uses AWS Lambda, API Gateway, DynamoDB, S3, and ECS
  • Auto-scaling based on workload
  • No infrastructure management required
  • All data remains in customer's AWS environment

2. SaaS Deployment

  • autobotAI hosted with cross-account access to customer AWS
  • Customer maintains control over their AWS resources
  • Secure cross-account IAM roles for access
  • Simplified deployment and maintenance

3. Hybrid Deployment

  • Combines SaaS management with customer-hosted execution
  • Sensitive workflows executed in customer environment
  • Management and orchestration via autobotAI SaaS

Multi-Account Support

autobotAI provides comprehensive multi-account AWS security operations:

AWS Organizations Integration

  • Centralized security management across entire organization
  • Automated policy enforcement across all member accounts
  • Cross-account workflow orchestration
  • Unified compliance monitoring and remediation

Cross-Account Access

  • Secure IAM role assumption across accounts
  • Least-privilege permission model
  • Audit trails for all cross-account actions
  • Support for hundreds of AWS accounts

Account Discovery

  • Automatic discovery of AWS accounts in organization
  • Resource inventory across all accounts
  • Centralized visibility and control

Key Capabilities

1. Automated Security Remediation

  • Continuous monitoring of AWS security services
  • Intelligent analysis of security findings
  • Automated remediation with approval workflows
  • Cross-service correlation and response

2. Compliance Management

  • GRC violation detection and remediation
  • Policy-as-code enforcement
  • Automated compliance reporting
  • Configuration drift detection and correction

3. Multi-Environment Security

  • Cloud infrastructure (AWS services)
  • Container security (EKS, ECS)
  • Serverless security (Lambda, API Gateway)
  • Network security (VPC, Security Groups, WAF)

4. Intelligent Workflow Orchestration

  • Multi-step approval workflows
  • Conditional logic and branching
  • Integration with external systems
  • Smart automation (auto-execute or approval-based)

5. Data Analysis & Enrichment

  • Query AWS logs and findings
  • Threat intelligence enrichment
  • High-fidelity alert generation
  • Noise reduction and correlation

Integration Requirements

IAM Permissions

autobotAI requires appropriate IAM permissions to interact with AWS services. We follow the principle of least privilege.

Required for all deployments:

  • Read access to security service findings (Inspector, GuardDuty, Security Hub)
  • Read access to configuration data (Config, CloudTrail)
  • Write access for remediation actions (contextual based on workflows)

Optional based on use cases:

  • WAF rule management permissions
  • Security group modification permissions
  • S3 bucket policy management
  • IAM policy management
  • Lambda function management

Network Connectivity

  • For SaaS deployment: Outbound HTTPS (443) connectivity to autobotAI endpoints
  • For serverless deployment: Standard AWS service-to-service communication
  • No inbound connectivity required

Data Residency

  • All customer data remains in customer's AWS region(s)
  • autobotAI processes data where it lives
  • No data replication or external storage
  • Full data sovereignty maintained

Use Cases

Security Operations Center (SOC)

  • Automated incident response across AWS services
  • Correlation of security findings from multiple sources
  • Orchestrated remediation workflows
  • Real-time threat detection and response

Cloud Security Posture Management

  • Continuous compliance monitoring
  • Automated configuration remediation
  • Policy enforcement across accounts
  • Drift detection and correction

Vulnerability Management

  • Inspector findings automation
  • Automated patching workflows
  • Risk-based prioritization
  • SLA-driven remediation tracking

Access Management

  • IAM policy compliance
  • Automated access reviews
  • Privilege escalation detection
  • Secrets rotation automation

Container Security

  • EKS cluster security automation
  • Pod security policy enforcement
  • Container image scanning integration
  • Runtime security monitoring

Best Practices

  • Start with read-only permissions for initial testing
  • Implement approval workflows for critical actions
  • Use AWS CloudTrail to audit all autobotAI actions
  • Leverage AWS Organizations for multi-account management
  • Follow AWS Well-Architected Framework security pillar

Support and Documentation

For detailed integration guides for specific AWS services:

  • See service-specific documentation pages
  • Review example workflows in autobotAI library
  • Contact autobotAI support for custom integration requirements

For AWS-specific questions:

  • Refer to AWS service documentation
  • Review AWS security best practices
  • Consult AWS Well-Architected Framework

Updates and Maintenance

  • autobotAI automatically supports new AWS regions as they become available
  • New AWS service integrations added regularly
  • Backward compatibility maintained for existing workflows
  • Release notes published for all updates
Previous
openai
Next
azure