AWS China Account Connection Overview

Before Aqua CSPM can produce any security scan results, you must connect a cloud account. For AWS China, this is done through the use of a secure IAM user. To fully connect the account, you must complete steps in both your AWS China account, as well as in your Aqua CSPM account.

Account Setup 

Step 1: Select CSPM from the mega menu. Navigate to the Cloud Accounts page. Click Connect Account on the top right.


Step 2: Choose AWS under Account Type and Manual Setup under Method.

Step 3: Follow the steps below to manually connect your AWS account:

  1. Log into your AWS account and navigate to the IAM console. Note: The domain for AWS China Regions is
  2. Click Add Users
  3. Create a new IAM user with any user name (preferably "Aqua").
  4. Check Programmatic Access in Access type and click Next: Permissions.
  5. Select Attach existing policies directly and check the box next to the SecurityAudit policy in the policy type table. Click Next: Tags
  6. Click Next: Review and then click Create user
  7. Once the user is successfully created, copy the Access key ID and secret access key (click show to display the secret key value).
  8. Paste the copied values (Access key ID and Secret access key) in the Aqua connection wizard. 

Step 4: Click Connect Account to finish.