Skip to main content

Create Agent Access Token

The Lacework agent requires a valid agent access token to successfully authenticate with the Lacework server.

Lacework automatically generates an access token for your account. You can use the same token for all agents or use the Lacework Console to create a new token.

Important

Treat agent access tokens as secrets; do not publish them. A token uniquely identifies a Lacework customer.

If you suspect your agent token has been publicly exposed or compromised, create a new token from the Lacework Console. You can either add the new token to the config.json file or reinstall the agent on all machines that use the old token. When complete, the old token can safely be disabled without interrupting Lacework services.

Create a New Access Token

To create a new access token in the Lacework Console:

  1. In the Lacework Console, go to Settings > Configuration > Agent Tokens.

  2. Click + Add New.

  3. In the Name field, enter a unique name for the access token.

    You can use the agent access token name to logically separate your deployments, for example, by environment types (QA, Dev, etc.) or system types (CentOS, RHEL, etc.).

  4. In the Description field, you can optionally specify a description.

  5. Select Linux as the Operating System.

  6. Click Save to create the new access token.

  7. Verify the new token in the Agents list.

  8. Click the ... icon in the row for the new token and select Copy to copy the access token.

You can also create an agent access token via the Lacework API. For more information, see Access the Lacework API.

Use an Existing Access Token

To use an existing access token from the Lacework Console:

  1. In the Lacework Console, go to Settings > Configuration > Agent Tokens.
  2. View the list of access tokens and sort by OS type (either Windows or Linux) under the OS column.
  3. Click the ... icon in the row for the access token you want to use to install the agent and select Copy to copy the access token. An access token can be re-used for multiple agent installations.

Deactivate an Existing Access Token

To deactivate an existing access token:

  1. In the Lacework Console, go to Settings > Configuration > Agent Tokens.
  2. In the row for the token, toggle the Enabled slider to off (toggle to the left)

All Lacework agents using a deactivated token can not communicate with Lacework and must be updated with an active token.

Last updated on