Lacework is a security platform for the cloud generation of builders that provides compliance checks and automated threat defense and intrusion detection for cloud workloads and services on AWS, GCP, Azure, and Kubernetes.

Lucidum uses the Lacework Connector to ingest data from Lacework.

Requirements

To use the Lacework Connector in Lucidum:

  1. Before configuring the Lacework connector in Lucidum, you must first define an API Key and API Secret in Lacework. Lucidum will use the app and its token to access Lacework.

  2. You can then configure the Lacework connector in Lucidum and start ingesting data from Lacework.

Prerequisite: Defining an API Key and API Secret

  1. Login to Lacework as an administrator.

  2. Navigate to Settings > Configuration > API keys and click + Add New.

  3. Enter the name for the key and an optional description

  4. Click Save.

  5. To view the API key and API secret, download the generated API key file and open it in a text editor.

Configuring the Lacework Connector

To configure Lucidum to ingest data from Lacework:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector for Lacework. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following

    • Instance. Lacework instance name. For example, lucidum

    • API Key. The API key that you generated in the previous section.

    • API Secret. The API Secret that you generated in the previous section.

    • AWS Accounts. Optional. AWS account list to fetch data from. For example, [12345678910]

    • GCP Accounts. Optional. List of Google Cloud Platform accounts to fetch data from.

    • Azure Accounts. Optional. List of Microsoft Azure accounts to fetch data from.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.