Add your AWS account to Deep Security. This imports all your Amazon EC2 instances into Deep Security Manager. Your EC2 instances appear on the left under Computers > your_AWS_account > your_region > your_VPC > your_subnet.

From there, you can manage them like any other computer.

If you previously added Amazon EC2 instances as individual computers, and they are part of your AWS account, after importing the account.

There are several ways to add AWS accounts to Deep Security Manager:

• Add your AWS account using the quick setup option. This is the easiest way to add an account because it uses an AWS CloudFormation template to automate the setup. You can run through the quick setup several times to add multiple AWS accounts. The quick setup is the automated way of adding your account using a cross account role, which is described next.
  This method is available with this deployment method:

Deep Security as a Service

This AWS CloudFormation stack creates access privileges that will allow the Trend Micro Deep Security service (https://app.deepsecurity.trendmicro.com/) to monitor your AWS instances. The stack will automatically update your Trend Micro Deep Security account with your AWS account information. You can delete this stack after it completes and the Deep Security service will keep working. To revoke access, go to the Identity and Account Management console and delete the role named ‘DeepSecurity’ .**WARNING** This template creates an Amazon EC2 instance that runs for a very short period and then terminates itself. You will be billed for the very small amount of AWS resources used if you create a stack from this template.

Add your AWS account using the quick setup option

Applies to Deep Security as a Service only.

1. In the Deep Security Manager, go to the Computers page and click Add > Add AWS Account.

Select Quick

Click Next.

A page appears that describes what happens during the setup process with a URL. The URL is valid for one hour.

Click Next.

If you have not already signed into your AWS account you are prompted to do so.

Click Next on the Select Template page to accept the defaults.

If your organization uses tags, you can add them on the Options page.

Click Next.

On the Review page, select the check box next to I acknowledge that this template might cause AWS CloudFormation to create IAM resources.

Click Create.

When AWS CloudFormation finishes setting up a cross account role, the Deep Security Manager wizard displays a success message. You can close the screen before the success message is displayed. The account is added to Deep Security immediately after the cross account role is set up.