SaaS Security Administrator's Guide
    : Onboard a Datadog App to SSPM
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security Posture Management
    5. Onboard SaaS Apps Supported by SSPM
    6. Onboard a Datadog App to SSPM
    Download PDF

    SaaS Security Administrator's Guide

    Onboard a Datadog App to SSPM

    Table of Contents

    Onboard a Datadog App to SSPM

    Connect a Datadog instance to SSPM to detect posture risks.
    For SSPM to detect posture risks in your Datadog instance, you must onboard your Datadog instance to SSPM. Through the onboarding process, SSPM connects to a Datadog API and, through the API, scans your Datadog instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
    SSPM gets access to your Datadog instance through an API access key. During the onboarding process, SSPM prompts you for the API access key and related information for your Datadog instance.
    To onboard your Datadog instance, you complete the following actions:

    Collect Information for Accessing Your Datadog Instance

    To access your Datadog instance, SSPM requires the following information, which you will specify during the onboarding process.
    Item
    Description
    Region
    Datadog manages a number of independent sites in separate geographic areas around the world. Because these sites are separate from each other, you must specify which regional Datadog site you are using.
    API Key
    A generated character string that uniquely identifies your organization to the Datadog API. SSPM requires this API key to authenticate to the Datadog API.
    Application Key
    A generated character string that the Datadog API uses to determine the access permissions of a calling application. The application key is associated with the administrator who generates the key.
    As you complete the following steps, make note of the values of the items described in the preceding table. You will need to enter these values during onboarding to access your Datadog instance from SSPM.
    1. Identify the Datadog administrator account that will generate the API Key and Application Key.
      Required Permissions:
       To generate the necessary keys, the administrator must have the Datadog Admin role with the following permissions:
      • Org Management
      • User App Keys
      • API Keys Read
      • API Keys Write
    2. Identify your Datadog region.
      1. Open a web browser and go to the Datadog login page that you use to access your Datadog instance.
      2. Make a note of the regional Datadog site that your organization is using. The Datadog login page shows your regional Datadog site. You can also determine your regional Datadog site from the site URL. Use the following table to determine your region based on the site URL.
        URL
        Region
        https://app.datadoghq.com
        US1
        https://us3.datadoghq.com
        US3
        https://us5.datadoghq.com
        US5
        https://app.datadoghq.eu
        EU1
        https://app.ddog-gov.com
        US1-FED
        Do not continue to the next step unless you have recorded the region information. You must provide this information to SSPM during the onboarding process.
    3. Log in to the administrator account.
    4. Generate an API key for your organization.
      1. Click your Datadog account icon in the top-right corner, and select
        Organization Settings
        .
      2. On the Organization Settings page, select
        API Keys
        .
      3. On the API Keys page, click
        New Key
        .
      4. In the New API Key dialog, enter a name for the key and click
        Create Key
        .
        Datadog generates and displays your new key.
      5. Copy Key
         and paste the key into a text file.
        Do not continue to the next step unless you have copied the API Key. You must provide this key to SSPM during the onboarding process.
    5. Generate an Application key to grant SSPM access permissions.
      1. On the Organization Settings page, select
        Application Keys
        .
      2. On the Application Keys page, click
        New Key
        .
      3. In the New Key dialog, enter a name for the key and click
        Create Key
        .
        Datadog generates and displays your new key.
      4. Copy Key
         and paste the key into a text file.
        Do not continue to the next step unless you have copied the Application Key. You must provide this key to SSPM during the onboarding process.

    Connect SSPM to Your Datadog Instance

    By adding a Datadog app in SSPM, you enable SSPM to connect to your Datadog instance.
    1. From the Add Application Page (
      Posture Security
      Applications
      Add Application
      ), click the Datadog tile.
    2. Under posture security instances,
      Add Instance
       or, if there is already an instance configured,
      Add New
       instance.
    3. Enter the API Key, Application Key, and Region information for your Datadog instance and
      Connect
      .

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.