Skip to main content

AWS Engagement (Cloud Engagements)

Set up continuous AWS assessments in Hyver to identify misconfigurations and cloud risks.

Updated over 5 months ago

Overview

Hyver can continuously assess your AWS environment to identify misconfigurations, risky access paths, and other cloud-based vulnerabilities. This article explains how to define the AWS integration, create the engagement, and understand the output once the assessment begins. 

Step 1: Define the AWS Integration

Before creating the engagement, you need to connect Hyver to your AWS account.

  1. Click your user icon in the top right corner and select Settings.

  2. In the left pane, click Integrations.

  3. Select the AWS integration tile:

  4. Fill in the following fields:

    • Name – Enter a name to identify this AWS integration in Hyver

    • Account ID – Enter the AWS Account ID for the environment you want to assess

  5. Click Verify. Once verified, you’ll see a success message:

Create the Integration Role in AWS:

  1. In AWS, go to AWS CloudFormation Console using an admin role.

  2. Create a new CloudFormation stack:

  3. In Hyver, copy the S3 URL and paste it into the CloudFormation form.

  4. Click Next through the default steps, then click Submit to create the stack.

  5. When the stack finishes deploying, go to the Outputs tab and copy the Role ARN.

  6. Paste the Role ARN into Hyver’s Role ARN field and click Save.

✅ You’ll see a green confirmation banner once the integration is saved successfully:

Step 2: Create the AWS Engagement

  1. In Hyver, click the Engagements icon on the left navigation bar.

  2. Click + New Engagement.

  3. In the Engagement Name field, enter a descriptive name.

  4. In the Engagement Type dropdown, select AWS.

  5. Fill in the remaining fields:

    • Schedule Time – This is set to Continuous by default and cannot be changed

    • Start Date / End Date – Set the dates for the assessment period

    • Short Description (optional)

    • Customer Restrictions (optional) – Add any free-text notes for the CYE team

  6. Click Next.

Step 3: Define the Scope

  1. On the Assessment Scope page, select the integration you just created from the dropdown.

  2. If no integration is listed, click New/Modify Definition to create one.

Click Create to finalize the engagement.

Step 4: Assign Members

  1. Select the users and groups who should have access to this engagement.

  2. Only selected members will see its findings, assets, and dashboards.

  3. Click Done.

What Happens Next?

  • The engagement will appear with Pending status.

  • A CYE services team member will activate it.

  • Once active, Hyver will begin continuous, automated assessments of your AWS environment.

Assessment Output Includes:

  • Findings – Misconfigurations, access risks, and other vulnerabilities are automatically detected and shown in the Findings view.

  • Remediation Assets – Hyver identifies and tracks assets associated with each finding.

  • Automatic Status Updates – When a remediation is implemented, Hyver verifies and updates the status automatically.

Important notes

  • You must complete the integration before creating the engagement.

  • AWS assessments run continuously and update daily.

  • Only users with appropriate permissions can access the results.

  • This engagement type is activated by the CYE services team.

Wrap-up / Next Steps

Once set up, AWS engagements run in the background, keeping your cloud security posture continuously updated. The findings appear automatically in Hyver and help you pinpoint what to fix — and what’s already improving.

Related Articles
Defining Engagements
Defining Cloud Engagements
Azure Engagement (Cloud Engagements)
Integrating with AWS – Full Guide
Integrating with Azure – Full Guide
Did this answer your question?