Integrate with AWS -old

Overview of Bridgecrew-AWS Integration

The AWS integration options are listed below.
AWS Read Access: allows Bridgecrew to perform read-only API calls.
AWS CloudTrail: allows Bridgecrew to pull CloudTrail log data and perform read-only API calls.
AWS Write Access: allows Bridgecrew to remediate policy violations by modifying the configuration of your cloud environment.

The diagram below illustrates the Bridgecrew - AWS Write Access flow.


Note

For full Bridgecrew functionality, we recommend using the integration options for AWS CloudTrail and AWS Write Access.

How to Integrate Bridgecrew with AWS

After signing up, you will be shown a Product Tour which will lead you to the Integrations tab.

  1. Select an option from the menu (AWS CloudTrail, AWS Write Access, AWS Read Access).
  2. Press Add Account.
    You will be prompted to create a CloudFormation template. The form is already populated with Bridgecrew connection details.
  3. Select the checkbox next to "I acknowledge..." to permit creation of IAM resources.
  4. Press Create Stack.
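
Before acknowledging IAM resource creation in step 3, it helps to see which roles the stack will create, who may assume them, and whether they can modify resources. The following is an added example, not Bridgecrew's code: it assumes the template has been saved as JSON, and the sample template, role names, account ID, ExternalId value and the read-verb heuristic are constructed for illustration.

```python
import json

# Constructed sample, NOT Bridgecrew's real template; account ID and ExternalId are placeholders.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "ReadRole": {"Type": "AWS::IAM::Role", "Properties": {
    "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow",
      "Principal": {"AWS": "arn:aws:iam::111111111111:root"}, "Action": "sts:AssumeRole",
      "Condition": {"StringEquals": {"sts:ExternalId": "placeholder-id"}}}]},
    "Policies": [{"PolicyName": "ro", "PolicyDocument": {"Statement": [
      {"Effect": "Allow", "Action": ["ec2:Describe*", "s3:GetBucketAcl"], "Resource": "*"}]}}]}},
  "WriteRole": {"Type": "AWS::IAM::Role", "Properties": {
    "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow",
      "Principal": {"AWS": "arn:aws:iam::111111111111:root"}, "Action": "sts:AssumeRole"}]},
    "ManagedPolicyArns": ["arn:aws:iam::aws:policy/SecurityAudit"],
    "Policies": [{"PolicyName": "fix", "PolicyDocument": {"Statement": [{"Effect": "Allow",
      "Action": ["s3:PutBucketAcl", "ec2:RevokeSecurityGroupIngress"], "Resource": "*"}]}}]}},
  "Topic": {"Type": "AWS::SNS::Topic"}
}}
""")

READ_VERBS = ("Describe", "Get", "List", "Lookup")  # heuristic for read-only action names

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_iam_roles(template):
    """Summarise who can assume each IAM role in the template and what it can change."""
    report = {}
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        props = res.get("Properties", {})
        trust = as_list(props.get("AssumeRolePolicyDocument", {}).get("Statement", []))
        principals = []
        for st in trust:
            pr = st.get("Principal", {})  # may be a dict or the bare string "*"
            principals += as_list(pr.get("AWS", []) if isinstance(pr, dict) else pr)
        # A third-party cross-account role should require an ExternalId (confused-deputy guard).
        external_id = bool(trust) and all(
            "sts:ExternalId" in st.get("Condition", {}).get("StringEquals", {}) for st in trust)
        write_actions = sorted(
            action for pol in props.get("Policies", [])
            for st in as_list(pol["PolicyDocument"]["Statement"]) if st.get("Effect") == "Allow"
            for action in as_list(st.get("Action", []))
            if not action.split(":")[-1].startswith(READ_VERBS))
        report[name] = {"trusted": principals, "external_id": external_id,
                        "write_actions": write_actions,
                        "managed": props.get("ManagedPolicyArns", [])}  # review separately
    return report
```

Managed policy ARNs are only listed, not expanded, so their permissions still need a manual look.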

Notes

  1. If you do not set up Write Access, you will be prompted to do so the first time you attempt to Remediate a violation via Playbook; see Step 4: Investigate Incidents.

  2. From time to time, you may be prompted to redeploy the CloudFormation stack to provide additional roles required to perform remediation.