How to scan an AWS cloud environment

AWS scanning is a feature introduced in Lansweeper 7.1. If you are using an older Lansweeper release, you will need to update by following the instructions in this knowledge base article.
Not all Lansweeper licenses support AWS scanning. If your particular license does not support this feature, please visit this page for more information.

From version 7.1 onward, Lansweeper is capable of scanning VPCs and instances (virtual machines) hosted on the Amazon Web Services (AWS) cloud platform. An asset is created for each VPC that has instances connected to it and for each instance as well. Any EC2-VPC environment can be scanned. Scanned data includes VPCs, instances and their types, AMIs, elastic GPUs, hosts, IDs, network interfaces, product codes, regions and availability zones, security groups, states, subnets, tags, volumes and more.

AWS EC2 VPC asset
AWS EC2 instance asset

To scan a VPC or virtual machine from AWS, do the following:

  1. Make sure you meet the AWS scanning requirements.
  2. Submit your AWS regions for scanning by hitting the Add Scanning Target button in the Scanning\Scanning Targets section of the web console. If you have multiple scanning servers, there will be a separate configuration tab for each server. When submitting your regions, you will be asked to specify a scanning schedule.
    Scanning Targets menu
    submitting AWS regions for scanning
  3. Submit your AWS access key ID and secret access key as a credential in the Scanning\Scanning Credentials section of the web console. You can use the same access key for all AWS regions by editing the Global AWS credential or submit a non-global credential with the Add new Credential button.
    Scanning Credentials menu
    adding an AWS credential
  4. If the credential you set up is not a global credential, map the credential to your regions by hitting the + Credential button next to a region on the same page.
    mapping an AWS credential
  5. Wait for your scanning schedules to trigger or initiate an immediate scan by hitting the Scan now button next to the AWS target under Scanning\Scanning Targets. AWS scans do not visually show up in your scanning queue. They're processed silently in the background.
    Scan Now under Scanning Targets
  6. View scanned data by hovering over the Assets menu at the top of the web console and clicking on the AWS asset types. This takes you to overviews of your VPCs and instances, from which you can click through to those assets' webpages as well. Alternatively, you can view scanned data using built-in or custom reports or using the AWS dashboard widget.
    AWS asset types
    AWS reports
    AWS widget

Related Articles