Onboarding Lacework CSPM

Follow the steps below to onboard your environment to our Lacework CSPM app.

1

Add a Service User - Step 1 - Basic Information

Go to the Lacework Console and navigate to Users page. (Settings -> Access Control -> Users)

Click on the Add User button. You will see the following screen.

Change the User Type to Service User, provide a name(eg. leen-service-user) and click on the Next button. Add User Step 1

2

Add a Service User - Step 2 - Select user group

Add one user group called Account read-only user and click on the Save button. Add User Step 2

3

Enable Service User

From the list of users on the Users page(Setting -> Access Control -> Users) under Account level locate the user you just created and click on the Enable button. Enable User

4

Download API Key

Navigate to Service user API Keys tab. (Settings -> Configuration -> API Keys -> Service user API Keys)

Locate the service user you just created and from the tripple dot menu click on the Download button to download the API key file.

This API json file will have following structure:

{
  "keyId": "ABC...123",
  "secret": "_ab12...34cd",
  "account": "your-company.lacework.net"
  // "subAccount": "optional: subaccount123"
}

Download API Key

5

Enter credentials

Enter these keys into the Lacework CSPM connector in their respective fields. Eg, key_id, secret, account and optionally sub_account

Please note the casing, e.g., camelCase in the API key file versus snake_case in the connector fields.

Credentials: Microsoft Defender for CloudCreate a connection