When onboarding a new AWS account for compliance, Panther conducts a baseline scan to compile the existing resources in your account. Resource changes are then tracked in real time, and periodic scans run on your account to ensure the most consistent state possible.
This functionality is enabled by creating a read-only IAM Role and AWS CloudWatch Event Rules to stream real-time events. Automatic remediation can also be configured to reactively fix insecure infrastructure.
Panther can scan as many AWS accounts as you would like. Each resource is associated with the account's label (Prod, Dev, Test, etc.).
Follow the steps below to set up scanning for each AWS account.