1. Introduction
What is AWS?
Amazon Web Services (AWS) is a leading cloud platform that provides organizations with scalable computing, storage, and networking services. Companies rely on AWS to host applications, manage data, and run critical business operations in the cloud. Because AWS environments are highly dynamic and may involve multiple accounts, they require continuous monitoring to ensure that configurations remain secure and compliant.
What is the AWS–Hyver Integration?
Hyver’s AWS integration enables continuous, automated assessments of your AWS environment. Once activated, Hyver:
Scans daily with minimal performance impact.
Identifies vulnerabilities and misconfigurations, and presents them clearly in the Findings page.
Automatically updates statuses when issues are fixed in AWS.
You can choose to assess one or multiple accounts, configure multiple assessments, and track their progress directly from the Engagement page in Hyver. To stay informed, you can also enable automatic notifications for new findings.
Note: SIEM integration is not supported for AWS.
2. Prerequisites
In this section, we’ll look at what you need to have ready before starting the AWS integration. These are the items you’ll need to prepare manually to ensure the setup runs smoothly.
Before setting up the AWS integration, make sure the following requirements are in place:
Integration per account: Each AWS account you want Hyver to assess must have its own defined integration in Hyver.
Engagement setup: When creating a new AWS engagement in Hyver, select from your existing AWS integrations.
User permissions: You’ll need an AWS user with sufficient permissions for:
AWS CloudFormation
AWS Identity and Access Management (IAM)
The integration process includes two main steps:
Verification – During this step, you’ll be asked to provide your AWS Account ID.
Role creation – Here, you’ll copy a value from Hyver and paste it into the AWS console to complete the trust relationship.
Required IP Addresses
For the integration to work smoothly, you may need to allow traffic from Hyver’s servers in your firewall or network configuration. This ensures that Hyver can securely connect to your environment and perform scans without being blocked.
Depending on your region and the type of scan, add the following IP addresses:
General IPs:
Europe → 18.198.79.197
America → 52.1.10.176, 35.171.70.87
IPs for Azure and AWS Scans:
Europe → 18.158.77.90
America → 34.206.252.13
In most cases, you only need to add the IPs relevant to your region and use case.
Multi-Company Dashboard and Integrations
This section explains how Hyver’s Multi-Company Dashboard works in general, and how integrations behave when used in a Multi-Company setup.
What is the Multi-Company Dashboard?
Hyver’s Multi-Company Dashboard is designed for large enterprises with multiple subsidiaries. It gives you:
A centralized view of cybersecurity risk across the entire organization
Key metrics like exposure, cost of breach, and maturity scores
The ability to switch between subsidiaries and view their individual data
Parent admins and power users can view aggregated and subsidiary-level risk, while detailed findings remain visible only to members of the specific subsidiary
Data that updates in real time
To enable Multi-Company, contact your CYE Technical Account Manager.
How Integrations Work in Multi-Company
Here’s the important part:
Integrations are created only at the subsidiary level
Findings from an integration appear only in that subsidiary’s dashboards and reports
Parent companies cannot create integrations — they can only view the aggregated results
Best Practices for Combining Integrations with Multi-Company
To get the most out of Multi-Company with integrations, we recommend:
Each subsidiary should create its own integration, using credentials that only grant access to data relevant to that subsidiary
In some cases, it’s useful to also have a dedicated “General” company, which holds findings that apply to the entire enterprise and cannot be tied to a single subsidiary
The parent company then combines these insights and metrics from all subsidiaries and the General company — but remember, integrations cannot be connected directly to the parent company.
3. Configuring on the AWS Side
In this section, we’ll cover the configuration steps required inside AWS to complete the integration. You’ll learn:
How to perform the verification step, including which details to retrieve from your AWS console.
How to create a dedicated IAM role for Hyver using AWS CloudFormation, so that Hyver can securely assess your environment.
Setting up the AWS integration involves steps in both Hyver and AWS, and needs to be done for each AWS account you want to connect.
Important: Creating the integration alone does not generate findings. To start receiving results from AWS, you’ll also need to create an AWS engagement (we’ll cover that later in this guide). For now, let’s focus on the first stage: verification.
Verification
On the Hyver side, you’ll enter your AWS account details:
In Hyver, go to Settings > Integrations.
Select the AWS tile and click Add integration.
Fill in the required verification fields:
Name – A free-text name to identify the integration. (Note: special characters such as !, $, etc. are not allowed. If you use them, you’ll get an error and need to re-enter the name.)
Account ID – The unique identifier of the AWS account you want Hyver to assess.
To find it, log in to your AWS portal, go to the Access Portal, open Accounts, and locate the account you want to connect.
Copy the number that appears in that row (the account ID) and paste it into the field in Hyver.
Click Validate. If the account is valid, Hyver will display: Verified successfully.
Once verification is complete, you’re ready to move on to the second stage: creating the role in AWS.
Create the AWS Role (CloudFormation Setup)
You’re now on Stage 2: Role creation. In Hyver you’ll see this broken into five sub-steps—follow them, and use the simplified flow below as your guide.
Open AWS CloudFormation: Click the link shown in Hyver sub-step 1 to open the console: AWS CloudFormation.
Create a new stack: Choose Create stack (with new resources – standard).
Provide the template URL: In Specify template, select Amazon S3 URL and paste the URL shown in Hyver (sub-step 3). Click Next.
Accept defaults and submit: Keep the default settings unless your org requires tags/permissions. Acknowledge the IAM capabilities if prompted, then click Submit (or Create stack).
Copy the Role ARN from Outputs: When the stack finishes, open the Outputs tab, copy the Role ARN, and paste it into the Role ARN field in Hyver.
(There’s an example link in Hyver sub-step 5 if you want to see the expected format.)
Save in Hyver: Click Save. A Connected status indicates the integration is successful.
Note: The CloudFormation template creates an IAM role and attaches a policy for cross-account, read-only access (named CYE_Read_Only_Role).
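A check you can run once the stack exists, added here as an example and not part of Hyver's or CYE's own tooling: it audits the trust policy of a cross-account role such as the one this template creates. The page does not show the template's contents, so the sample policy, the account ID and the external ID below are constructed placeholders, and the sts:ExternalId requirement is an assumption based on the usual cross-account pattern.

```python
import json

# Constructed sample: the "AssumeRolePolicyDocument" of a cross-account role as
# `aws iam get-role` returns it. The account ID and external ID are placeholders.
SAMPLE_TRUST = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}
  }]
}""")

def _as_list(value):
    """IAM JSON allows a scalar where a list is expected; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    """Account ID from an ARN principal, or the value itself if it is a bare ID."""
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def audit_trust_policy(policy, expected_account):
    """Return the problems found in a role trust policy (empty list = none)."""
    issues = []
    for n, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        if not aws:
            issues.append(f"statement {n}: trusts a non-account principal")
        for p in aws:
            if p == "*":
                issues.append(f"statement {n}: any AWS principal may assume the role")
            elif _account_of(p) != expected_account:
                issues.append(f"statement {n}: unexpected account {_account_of(p)}")
        # Without an sts:ExternalId condition the role is open to the
        # confused-deputy problem. Condition keys are case-insensitive.
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        if not any(k.lower() == "sts:externalid" and v for k, v in equals.items()):
            issues.append(f"statement {n}: no sts:ExternalId condition")
    return issues

if __name__ == "__main__":
    for problem in audit_trust_policy(SAMPLE_TRUST, "111122223333") or ["no issues"]:
        print(problem)
```

Feed it the AssumeRolePolicyDocument from `aws iam get-role --role-name <role name>` together with the account ID you expect to be trusted.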
4. Configuring in Hyver
In this section, we’ll complete the Hyver-side actions so the integration actually runs. You’ll set up and activate an AWS Engagement, link it to your AWS integration, define the schedule and scope, and assign access.
Creating an AWS Engagement
Now that the integration setup is complete, the next step is to create and activate an AWS Engagement. Without an engagement, the integration will not run or generate findings.
What is an Engagement?
An engagement in Hyver defines the project scope for an assessment. It includes:
The type of assessment (in this case, AWS).
Start and end dates.
The reassessment frequency.
The integration it relies on.
Important: An engagement must be linked to a defined AWS integration in Hyver, and it must be activated to begin scanning.
Steps to Create an AWS Engagement
In Hyver, click Engagements from the left navigation bar.
Click + New Engagement.
Fill in the required fields:
Engagement name
Engagement type – select AWS
Schedule time – automatically set to Continuous
Start date and End date
Short description (optional)
Customer restrictions (optional)
Click Next.
Assessment Scope:
Select the relevant AWS integration from the dropdown:
If no integration is available, click New/Modify Definition to create one.
Click Create.
Select members and groups who should have access to the engagement. Click Done.
You can now click View My New Engagement to see the full details. Once activated, Hyver will begin continuous daily assessments of your AWS environment.
Status and Activation
Once your AWS engagement is active, Hyver automatically takes over the assessment process.
What happens after activation?
Hyver will:
Continuously assess your AWS environment.
Identify misconfigurations and security issues in real time.
Update the Findings view with newly discovered issues and associated assets.
Key Highlights
Vulnerability Findings Identification – Hyver automatically detects, monitors, and updates findings related to vulnerabilities in your AWS environment.
Automatic Remediation Verification – When you fix a finding in AWS, Hyver verifies the change and updates the status—no manual action required.
5. Viewing Results
Viewing AWS Assessments
After your AWS engagement is created and the assessment begins running, you can easily view the results in Hyver.
How to view assessment details
In Hyver, click Engagements from the left navigation bar.
Select the relevant engagement card from the Engagement Board.
Open the Assessments tab to see:
An overview of the assessment.
The latest status (displayed as a single row).
Note: If an assessment fails, a red error message will appear. Once the issue is fixed, Hyver will automatically retry the assessment.
6. Types of Fetched Entities
AWS Findings in Hyver
Hyver continuously keeps findings in sync with the state of your AWS environment.
Automatic Finding Creation
With each daily assessment, Hyver automatically adds newly detected issues as findings with the status Open.
Automatic Finding Verification
When you resolve an issue in AWS, Hyver verifies the fix during the next assessment.
If the fix is confirmed, the finding’s status is automatically updated to Fixed.
Behavior Logic
If you manually set a finding to Fixed, but the issue still exists in AWS, Hyver will automatically update the status to Reopen.
If you manually set a finding to On Hold, Acceptable Risk, or another custom status, Hyver will not override your choice — even if the issue remains in place.
7. Deleting the Integration
You can delete an AWS integration only if it is not linked to any active engagement (or if the engagement’s end date has already passed).
Important: Deletion must be completed on both sides — in Hyver and in your AWS account.
Delete the Integration in Hyver
In Hyver, go to Settings > Integrations.
Select the AWS tile.
Click Delete.
Delete the Integration in AWS
Open the AWS CloudFormation console.
Locate the stack that was created for the Hyver integration.
Click Delete to remove the stack.
Once the CloudFormation stack is deleted, Hyver will no longer have any permissions to access your AWS environment.
Wrap-up
In this article, we explored how to connect AWS with Hyver to enable daily, automated assessments of your cloud environment. We reviewed the integration steps, setting up and activating engagements, viewing assessments, managing findings, and safely deleting the integration when needed. Together, these steps ensure seamless monitoring, accurate findings, and smooth lifecycle management of AWS integrations in Hyver.









