The Carbon Black Public Cloud feature lets you onboard and manage AWS accounts in Carbon Black Cloud, using an API key as the authentication method. The API key authenticates the requests that the Amazon EventBridge rules in the customer's AWS account make to the Carbon Black Cloud API endpoint.

To enable API authentication and the sending of the AWS account's events to Carbon Black Cloud, you must set the following access permissions in the Carbon Black Cloud console.
Note: System admin and above roles have the right to onboard and delete AWS accounts in the Carbon Black Cloud. Non-system admins can only view the data associated with the AWS account and the Public Cloud inventory.
The Public Cloud permissions set in the Add Access Level page of the Carbon Black Cloud console.

For information on adding the access level and applying it to the API key, see Setting Access Levels.

After you define the API key in the event stream setup script, the script performs the following actions:
  • Sets up AWS Secrets Manager in the customer's environment to store the API key value.
  • Updates the API key on the customer's AWS account when needed.

For information on the AWS services setup script, see Setting Up AWS Services.