Overview

This document will help you with the steps to ingest the Device Configuration: AWS Permissions needed for getting logs from S3 Bucket.

Prerequisite

In order to get logs from a S3 bucket, we require below access from customer end:

"s3:ListBucket" - Lists all the logs in a bucket, allowing us to keep track of which ones have already been ingested.
"s3:GetObject" - Allows us to download the logs from the bucket

Sample Steps

Sample IAM policy (Only for reference)

To Archive data using S3 bucket we need to fill following details.

Seceon Public Portal > Device Configuration: AWS Permissions needed for getting logs from S3 Bucket > image-20230505-065750.png

Important note

Note that the ListBucket permission is set to the entire bucket and the GetObject permission ends with a /* suffix, so we can get files in subdirectories

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::<BUCKET_NAME>"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::<BUCKET_NAME>/*"
            ]
        }
    ]
}