AWS Integrations
Requirements:
- Bucket Name - Name of the bucket where CloudTrail logs are placed.
- Access Key ID & Secret Key - Credentials of the IAM user created below, which has permission to read the bucket where CloudTrail logs are stored.
Configuring an S3 Bucket:
Amazon Simple Storage Service (Amazon S3) is an object storage service that delivers industry-leading scalability, data availability, security, and performance. We use it to store the data flow generated by Zensor, and we pass this data on to the other AWS services that work with it. This section shows how to create the bucket:
Go to Services > Storage > S3: Create a new bucket, give it a name, then click on the Create button.
Create credentials:
Create an IAM User
Zensor will need a user with permission to pull log data from the S3 bucket. The easiest way to accomplish this is by creating a new IAM user for your account. We will only allow it to read data from the bucket.
Create a new user: Navigate to Services > IAM > Users
Click on “Next: Permissions” to continue.
Create policy:
We will attach this policy later to the user we are creating.
Check that your new policy looks like the following. Besides the read actions s3:GetObject and s3:ListBucket, it also grants s3:DeleteObject:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::Zensor-cloudtrail",
                "arn:aws:s3:::Zensor-cloudtrail/*"
            ]
        }
    ]
}
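The following is an added example, not part of the Zensor documentation: an offline check that audits the policy above against the stated goal of read access to a single bucket, before the access key is issued. The READ_ACTIONS baseline and the audit_policy helper are assumptions of this example.

```python
import json

# Baseline of read-only actions (assumption of this example): the page's
# policy minus s3:DeleteObject. IAM action names are case-insensitive.
READ_ACTIONS = {"s3:getobject", "s3:listbucket"}

# The policy shown on this page, embedded so the check runs offline.
PAGE_POLICY = """{"Version": "2012-10-17", "Statement": [{"Sid": "VisualEditor0",
  "Effect": "Allow",
  "Action": ["s3:GetObject", "s3:ListBucket", "s3:DeleteObject"],
  "Resource": ["arn:aws:s3:::Zensor-cloudtrail",
               "arn:aws:s3:::Zensor-cloudtrail/*"]}]}"""


def as_list(value):
    # IAM accepts a single string or a list for Action, Resource and Statement.
    return value if isinstance(value, list) else [value]


def audit_policy(policy_json, bucket):
    """Return findings for an identity policy meant to read one S3 bucket."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    allowed_resources = {bucket_arn, bucket_arn + "/*"}
    findings = []
    for stmt in as_list(json.loads(policy_json)["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        sid = stmt.get("Sid", "<no Sid>")
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: NotAction/NotResource allows everything else")
        for action in as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append(f"{sid}: wildcard action: {action}")
            elif action.lower() not in READ_ACTIONS:
                findings.append(f"{sid}: action beyond read access: {action}")
        for resource in as_list(stmt.get("Resource", [])):
            if resource not in allowed_resources:
                findings.append(f"{sid}: resource outside bucket: {resource}")
    return findings


if __name__ == "__main__":
    for finding in audit_policy(PAGE_POLICY, "Zensor-cloudtrail"):
        print(finding)
```

Run against the policy on this page, the check reports s3:DeleteObject as the one permission that goes beyond reading the bucket.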
Save the credentials and send them to Zeron Team.