As an AWS admin or an account owner, you can onboard AWS accounts into the Carbon Black Cloud to get visibility into the security state of the AWS compute instances (EC2). You use the Carbon Black Public Cloud service to enforce Carbon Black Cloud Workload Protection for the applications and resources running on these AWS EC2 instances.

Before onboarding any AWS account, you must set up a trust between your Carbon Black Cloud account and your customer's AWS account so that the inventory of resources from the AWS account can be viewed in the Carbon Black Cloud console.

Once the Carbon Black Public Cloud connects to the newly onboarded AWS account, the Carbon Black Cloud displays inventory information related to the EC2 instances and all metadata associated with these instances.

Public Cloud architecture components.

The Carbon Black Public Cloud service detects and segregates the AWS EC2 instances from the native vSphere VMs. The AWS VMs are displayed on a separate screen where you can query specific AWS workloads. For details, see AWS Workloads.

When you delete an already onboarded AWS account, the installed sensors are not removed and remain visible, and the following data is deleted immediately:
  • The inventory of EC2 instances without a Carbon Black sensor.
  • The metadata of the instances that are associated with this account.