Manage AWS regions

Does not apply to Deep Security as a Service

Add an Amazon Web Services region

If the Amazon Web Services (AWS) region hosting your EC2 resources does not appear when you try to add a cloud account using the Add AWS Cloud Account wizard, manually add the region.

  1. On the server that is hosting Deep Security Manager, enter the command:

    dsm_c -action addregion -region REGION -display DISPLAY -endpoint ENDPOINT

    where the parameters are:

    ParameterDescriptionExample
    REGIONThe Amazon Web Services identifier for the region.ca-east-1
    DISPLAYThe display string to use for the region in the Add AWS Cloud Account wizard.Canada East (Ottawa)
    ENDPOINTThe fully-qualified domain name of the Amazon Elastic Compute Cloud (EC2) endpoint to use for the region.ec2.ca-east-1.amazonaws.com

    If Deep Security Manager is running on a Linux server, you must run the command with sudo or use a superuser account such as root.
  2. If the specific AWS region requires that you import a trusted certificate (most don't), see Manage trusted certificates.

Viewing your Amazon Web Services regions

You can view any AWS regions that you have added using the CLI.

On the server that is hosting Deep Security Manager, enter the command:

dsm_c -action listregions

If Deep Security Manager is running on a Linux server, you must run the command with sudo or use a superuser account such as root.

Removing an Amazon Web Services region

You can delete any AWS regions that you have added using the CLI. Any existing cloud accounts for the region will continue to work unless you remove them, but administrators won't be able to create new cloud accounts for the region.

  1. On the server that is hosting Deep Security Manager, enter the command:
    dsm_c -action listregions
  2. Find the identifier for the that you want to remove.
  3. Enter the command:
    dsm_c -action removeregion -region REGION
    The REGION parameter is required.
    ParameterDescriptionExample
    REGIONThe Amazon Web Services identifier for the region.ca-east-1
If Deep Security Manager is running on a Linux server, you must run the command with sudo or use a superuser account such as root.