Set up a Arctic Wolf connector

Capabilities

The Arctic Wolf connector syncs the following resources:

Resource	Sync	Provision
Accounts
Roles
Zones

Account provisioning creates console users only. The Aurora API has no set-password endpoint, so no password is set and none is returned. Console role and per-zone role (Zone Manager / User) assignments are provisionable. The “Zone Manager” console role is derived (set a user’s console role to User and assign a zone with the Zone Manager role), so it is synced but not directly grantable.

Gather Arctic Wolf credentials

To configure the Arctic Wolf connector, you need administrator permissions in the Aurora Endpoint Defense console.

In the Aurora console, go to Settings > Integrations and add a new application (integration) for C1.

Grant the application these scopes/privileges: user:list, user:read, user:create, user:update, and zone:list.

Copy the Application ID, Application Secret, and Tenant ID from the Integrations page and save them securely. Also note your console’s region/data center (for example, North America, Europe, or Asia-Pacific).

Configure the Arctic Wolf connector

Cloud-hosted
Self-hosted

Follow these instructions to use a built-in, no-code connector hosted by C1.

In C1, navigate to Integrations > Connectors and click Add connector.

Search for Arctic Wolf and click Add.

Choose how to set up the new Arctic Wolf connector:

Add the connector to a currently unmanaged app
Add the connector to a managed app
Create a new managed app

Set the owner for this connector.

Click Next.

Find the Settings area of the page and click Edit.

Enter the required configuration:

region (required): Aurora API region/data center — one of us, eu, apne, au, sa, usgov
app-id (required): Aurora API Application ID (used as the JWT subject)
app-secret (required): Aurora API Application Secret (used to sign the JWT)
tenant-id (required): Aurora API Tenant ID

Click Save.

The connector’s label changes to Syncing, followed by Connected. You can view the logs to ensure that information is syncing.

Done. Your Arctic Wolf connector is now pulling access data into C1.

Follow these instructions to use the Arctic Wolf connector, hosted and run in your own environment.When running in service mode on Kubernetes, a self-hosted connector maintains an ongoing connection with C1, automatically syncing and uploading data at regular intervals.

Resources

Official download center: For stable binaries (Windows/Linux/macOS) and container images.
GitHub repository: Access the source code, report issues, or contribute to the project.

Step 1: Set up a new Arctic Wolf connector

In C1, navigate to Integrations > Connectors > Add connector.

Search for Baton and click Add.

Choose how to set up the new Arctic Wolf connector:

Add the connector to a currently unmanaged app
Add the connector to a managed app
Create a new managed app

Set the owner for this connector.

Click Next.

In the Settings area of the page, click Edit.

Click Rotate to generate a new Client ID and Secret.Carefully copy and save these credentials.

Step 2: Create Kubernetes configuration files

Create two Kubernetes manifest files for your Arctic Wolf connector deployment:

Secrets configuration

# baton-arctic-wolf-secrets.yaml
apiVersion: v1
kind: Secret
metadata:
  name: baton-arctic-wolf-secrets
type: Opaque
stringData:
  # C1 credentials
  BATON_CLIENT_ID: <C1 client ID>
  BATON_CLIENT_SECRET: <C1 client secret>

  # Arctic Wolf (Aurora Endpoint Defense) credentials
  BATON_REGION: <us|eu|apne|au|sa|usgov>
  BATON_APP_ID: <Aurora Application ID>
  BATON_APP_SECRET: <Aurora Application Secret>
  BATON_TENANT_ID: <Aurora Tenant ID>

See the connector’s README or run --help to see all available configuration flags and environment variables.

Deployment configuration

# baton-arctic-wolf.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: baton-arctic-wolf
  labels:
    app: baton-arctic-wolf
spec:
  selector:
    matchLabels:
      app: baton-arctic-wolf
  template:
    metadata:
      labels:
        app: baton-arctic-wolf
        baton: "true"
        baton-app: arctic-wolf
    spec:
      containers:
      - name: baton-arctic-wolf
        image: public.ecr.aws/conductorone/baton-arctic-wolf:latest
        imagePullPolicy: IfNotPresent
        env:
        - name: BATON_HOST_ID
          value: baton-arctic-wolf
        envFrom:
        - secretRef:
            name: baton-arctic-wolf-secrets

Step 3: Deploy the connector

Create a namespace in which to run C1 connectors (if desired), then apply the secret config and deployment config files.

Check that the connector data uploaded correctly. In C1, click Applications. On the Managed apps tab, locate and click the name of the application you added the Arctic Wolf connector to. Arctic Wolf data should be found on the Entitlements and Accounts tabs.

Done. Your Arctic Wolf connector is now pulling access data into C1.

All versions of this connector are available at dist.conductorone.com.

Set up an Amazon EKS connector

Set up an Argo CD connector

⌘I

​Capabilities

​Gather Arctic Wolf credentials

​Configure the Arctic Wolf connector

​Resources

​Step 1: Set up a new Arctic Wolf connector

​Step 2: Create Kubernetes configuration files

​Secrets configuration

​Deployment configuration

​Step 3: Deploy the connector

Capabilities

Gather Arctic Wolf credentials

Configure the Arctic Wolf connector

Resources

Step 1: Set up a new Arctic Wolf connector

Step 2: Create Kubernetes configuration files

Secrets configuration

Deployment configuration

Step 3: Deploy the connector