What is a Service Account?
A Service Account allows customers to streamline the administration of complex scenarios, such as Cloud Workload Protection Platform (CWPP), by enabling centralized management from a single AWS account. This eliminates the need to deploy appliances into multiple AWS accounts.
Content
- Terminologies
- Setting up a Service Account
- Installing Plerion infrastructure on Service Account
- Linking Target accounts to Service Account
Terminologies
Service Account
A service account in Plerion is an AWS account used exclusively for deploying Plerion infrastructure and overseeing the capabilities it offers. The service account uses an agentless approach to scan assets within the target accounts: scanning is carried out by appliances that are launched only within the service account.
Target Account
AWS account integrations that use the service account are referred to as target accounts. Each target account grants the necessary permissions to the service account appliances, allowing the appliances to scan assets within that target account.
Appliance
An appliance is an AWS EC2 instance responsible for performing asset scans and reporting the results back to Plerion. Appliances are launched within the service account and are granted the necessary permissions to scan assets within the target accounts.
Plerion Control Plane
The Plerion Control Plane includes the backend service Plerion manages in its own AWS account. The Control Plane is responsible for managing the appliances, orchestrating scans, and storing scan results.