To connect to the Lacework cloud, Lacework agents require an access token. If you have a Lacework account, you have an access token, which is automatically generated for you. Lacework provides scripts and configuration files to facilitate deployment, which include the token. The same token can be used by all agents. The rest of this document uses <Access_Token> in examples as a placeholder for an actual customer authorized access token.
Access token information is located on the agent tab in the Lacework UI. New access tokens can be generated from this page, and existing agents can be deactivated. All Lacework agents using a deactivated access token will not be able to communicate with the Lacework cloud and need to be updated with an active token.
Lacework-provided scripts and files are access token specific and are listed under ‘Show Install Options’ for each agent.
Access tokens should be treated as secret and not published. An access token uniquely identifies a customer of Lacework. If you suspect your access token has been publicly exposed or compromised, you should generate a new token from the UI. You can either add the new token to the config.json file or reinstall the agent on all machines using the old token. When complete, the old access token can safely be disabled without interrupting Lacework services.