Manage Amazon Web Services regions

Does not apply to Deep Security as a Service

Add an Amazon Web Services region

If the Amazon Web Services region hosting your cloud resources does not appear when your users attempt to add a cloud account using the Add AWS Cloud Account wizard, you will need to add the region to the list manually using the dsm_c command-line tool.

To add an Amazon Web Services region using dsm_c:

  1. On the Deep Security Manager server, run the following command:
    dsm_c -action addregion -region REGION -display DISPLAY -endpoint ENDPOINT
    where the parameters are:
    ParameterDescriptionSample value
    REGIONThe Amazon Web Services identifier for the region.ca-east-1
    DISPLAYThe display string to use for the region in the Add AWS Cloud Account wizard.Canada East (Ottawa)
    ENDPOINTThe fully-qualified domain name of the Amazon Elastic Compute Cloud (EC2) endpoint to use for the region.ec2.ca-east-1.amazonaws.com
If you are running the Deep Security Manager in a Linux environment, you will need to run the dsm_c command as the root user.
You do not normally need to import a trusted certificate for a manually added Amazon Web Services region. However, if the region you are adding specifically requires you to import one, you can learn how to do this in the Import trusted certificates section of Manage trusted certificates.

Viewing added Amazon Web Services regions

You can view any added Amazon Web Services regions in your system using the dsm_c command-line tool.

To view added Amazon Web Services regions using dsm_c:

  1. On the Deep Security Manager server, run the following command:
    dsm_c -action listregions
If you are running the Deep Security Manager in a Linux environment, you will need to run the dsm_c command as the root user.

Removing an added Amazon Web Services region

You can remove any added Amazon Web Services regions in your system using the dsm_c command-line tool.

Any cloud accounts that were added using the region will continue to work, but users will not be able to create new cloud accounts using the region.

To remove an added Amazon Web Services region using dsm_c:

  1. On the Deep Security Manager server, run the following command:
    dsm_c -action listregions
  2. Find the region identifier for the region you want to remove in the list.
  3. Run the following command:
    dsm_c -action removeregion -region REGION
    The REGION parameter is required.
    ParameterDescriptionSample value
    REGIONThe Amazon Web Services identifier for the region.ca-east-1
If you are running the Deep Security Manager in a Linux environment, you will need to run the dsm_c commands as the root user.