Skip to main content
Version: 2.0.0

AWS Integrations

 AWS Integrations Docs

Requirement:

  • Bucket Name - Name of the bucket where CloudTrail logs are placed.
  • Access Key ID & Secret Key - Credentials after creating the IAM Access, giving permissions to read the bucket where CloudTrail logs are stored.

Configuring an S3 Bucket:

Amazon Simple Storage Service (Amazon S3) is an object storage service that delivers industry-leading scalability, data availability, security, and performance. We use it to save the data flow generated by Zensor, and we redirect this data to the rest of the services from AWS to work with them. In this section we will see how to create these data containers:

Go to Services > Storage > S3: Create a new bucket, give it a name, then click on the Create button.

configuring s3 bucket

Create credentials:

Create an IAM User

Zensor will need a user with permission to pull log data from the S3 bucket. The easiest way to accomplish this is by creating a new IAM user for your account. We will only allow it to read data from the bucket.

 Create a new user: Navigate to Services > IAM > Users

Add User details

Click on “Next: Permissions” to continue. Create policy:

We will attach this policy later to the user we are creating.

Add Policy

Check that your new policy looks like this:

Add Policy Json

Raw output for example policy:

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::Zensor-cloudtrail",
"arn:aws:s3:::Zensor-cloudtrail/*"
]
}
]
}

Attach Policy Json

Save the credentials and send them to Zeron Team.