1.AWS_OrgScan Job
The 1.AWS_OrgScan job collects details about the AWS Organization, including password policies and the accounts within the organization.
Queries for the 1.AWS_OrgScan Job
The Org Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured to use the Collect Org Data category.
The 1.AWS_OrgScan job has the following configurable query:
- Org Scan – Collects AWS Organization level information
Configure the Org Scan Query
The Org Scan query in the 1.AWS_OrgScan job has been preconfigured to run with the default settings and the Collect Org Data category. Follow the steps to set any desired customizations.
Step 1 – Navigate to the AWS > 0.Collection > 1.AWS_OrgScan > Configure node and select the Queries node.
Step 2 – In the Query Selection view, click Query Properties. The Query Properties window opens.
Step 3 – Select the Data Source tab, and click Configure. The Amazon Web Services Data Collector Wizard opens.
Step 4 – On the Login Roles page, add the created AWS Roles:
- Enter the Role in the Role Name field and click Add
- Alternatively, import multiple Roles from a CSV file
- See the Configure AWS for Scans topic for additional information
Step 5 – On the Summary page, click Finish to save any modifications or click Cancel if no changes were made. Then click OK to close the Query Properties window.
If changes were saved, the 1.AWS_OrgScan job has now been customized.