> For the complete documentation index, see [llms.txt](https://docs.fusion.vectra.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.fusion.vectra.ai/cloud-onboarding/aws-cloud-onboarding.md). # AWS Cloud Onboarding {% hint style="info" %} New to Fusion cloud onboarding? Start with [Fusion Onboarding for Cloud Engineers](/cloud-onboarding/fusion-onboarding-for-cloud-engineers.md) for deployment models, scope planning, and cloud-specific guidance. {% endhint %} Use one of these three paths to configure AWS VPC flow logs, Route 53 Resolver logs, and onboarding to Fusion. Choose the path that fits your environment: * **Manual onboarding** — best for a small number of VPCs or an initial PoC * **Vectra onboarding automation** — best for large or dynamic AWS environments * **Custom IaC automation** — best if you prefer integrating to your existing IaC ### 1. Manual onboarding Follow step-by-step guides to configure AWS and Fusion and onboard each VPC. **Best for** Organizations with a small number of VPCs that rarely change, or for an initial PoC. **Next steps** * [AWS VPC via S3 Setup (AWS Console method)](broken://spaces/7upncbzIm3grJePXaOO9/pages/ZwWkmxuU7SRQaes4N8ZS) * [AWS VPC via S3 Setup (CloudFormation method)](broken://spaces/7upncbzIm3grJePXaOO9/pages/Yle4OXVbaq9u1PuLy9W5) * [Quickstart: AWS](/cloud-onboarding/aws-cloud-onboarding/quickstart-aws.md) * [AWS Context Integration](/enrich-traffic-with-context/configure-context-integrations/aws.md) ### 2. Vectra Cloud Onboarding Automation for AWS Organizations For detailed documentation, see [Vectra Terraform / CloudFormation StackSet Cloud Onboarding Automation for AWS Organizations](/cloud-onboarding/aws-cloud-onboarding/neto-onboarding-aws.md). {% hint style="info" icon="robot" %} **Using Terraform to automate onboarding** Access Vectra's Terraform automation at . For access to the repo, reach out to your Vectra contact with your GitHub ID or request the latest release package. Vectra provides the `neto-onboarding` Terraform project for AWS Organizations, Azure Tenants, and GCP Organizations. This automation can: * Enable and configure AWS VPC flow logs, Azure VNet flow logs, and GCP VPC flow logs based on policy and tags * Deploy the infrastructure required to integrate with Fusion across multiple accounts, subscriptions, or projects * Adds VPCs/VNets configured for flow logging to Vectra Fusion as traffic sources. * Deploy a single AWS Lambda, Azure Function, or Google Cloud Function for context enrichment across all in-scope environments * Monitor for VPC and VNet changes, onboard new in-scope networks, and offboard networks that leave scope {% endhint %} **Best for** Organizations that want a complete, supported, end-to-end solution for managing flow log configuration and onboarding to Fusion. This is usually the fastest path for large, dynamic, or multi-cloud environments. **Next steps** * Reach out to your Vectra contact and request access to the GitHub repo. * Include your GitHub ID, or request the latest release package. ### 3. Custom IaC automation Use your existing automation pipelines or scripts to: * Deploy the IAM policy and custom role needed for Vectra to read flow logs from S3 buckets * Configure VPC Flow Logs on each VPC to write to S3 * Call the Fusion API to create a Fusion traffic source for each VPC, or for each account and region when using a centralized S3 destination **Best for** Organizations experienced with AWS IaC that already provision VPCs or VPC flow log configurations through automation and want to extend that workflow to Fusion. **Next steps** * [AWS Custom IAC Onboarding for Cloud Automation Engineers](/cloud-onboarding/aws-cloud-onboarding/aws-configuration-automation-for-multiple-vpcs.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fusion.vectra.ai/cloud-onboarding/aws-cloud-onboarding.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.