Skip to content

AWS

Integrating AWS with Escape's ASM provides enhanced visibility and management of API deployments across AWS services.

Discovered Resources

The AWS integration automatically discovers and inventories the following services from your AWS account:

  • CloudFront Distributions: CDN configurations and domain names serving your applications
  • API Gateway Domain Names: Custom domain names configured for API Gateway endpoints
  • API Gateway V2 APIs: HTTP and WebSocket APIs (API Gateway V2)
  • Route 53 DNS Records: DNS zones and records managed by Route 53
  • Load Balancers: Application Load Balancers (ALB), Network Load Balancers (NLB), and Classic Load Balancers exposing services
  • Lambda Functions: Serverless functions with exposed endpoints via Function URLs or API Gateway integrations

These discovered resources are automatically classified as Assets (APIs, DNS records, WebApps) in Escape's ASM, enabling continuous security monitoring and testing.

Creating an AWS IAM User and Access Key

  1. Navigate to the IAM users tab in the AWS console
  2. Create a new user and attach the ReadOnlyAccess policy
  3. Go to the Security credentials tab and click Create access key
  4. Select Other for the Use case, add a description, and create the key

Important: Access key values are displayed only once during creation. Store these credentials securely.

To revoke access later, return to the IAM users tab, select the user, and remove the key under Security credentials.

Following these steps establishes a secure integration between AWS and Escape's ASM, enabling comprehensive monitoring and governance of your AWS-deployed APIs and infrastructure.