Views:

Connect to your AWS S3 bucket to start sharing XDR data.

Important
Important
Before connecting to an S3 bucket, you must configure a custom role and permissions on the AWS console. For more information, see Configuring roles for the AWS S3 bucket connector
All AWS S3 buckets require an external ID. To modify an existing configuration, you must add an external ID to your custom trust policy in the AWS IAM console.

Procedure

  1. In the Trend Vision One console, go to Workflow and AutomationThird-Party IntegrationAWS S3 Bucket Connector.
  2. Click Connect AWS S3 Bucket.
  3. Configure the settings in the AWS S3 Bucket Connection screen.
    • Bucket name: The S3 bucket you want to connect
    • Role ARN: The role ARN from the AWS IAM console
    • External ID: The identifier allowing Trend Vision One to assume the role created in the AWS IAM console and access AWS resources as a third party
      Click the eye icon to reveal the external ID generated by Trend Vision One, then click the copy icon (copy-icon-white=GUID-4dd3be76-c23d-48ed-8bbe-ae27229acb0e.png) to copy the ID. You need to add the external ID to your custom trust policy in the AWS IAM console.
      For more information on external IDs, see AWS documentation.
    • Data scope: The data you want to send to the S3 bucket
      For more information about what data is sent, see Data specification for AWS S3 buckets.
    Note
    Note
    Once you connect an S3 bucket, you cannot edit the bucket name.
  4. Click Test Connection.
    Each time you click Test Connection, a test event is added to the S3 bucket.
  5. After the test completes successfully, click Connect to save and connect.
  6. (Optional) On the AWS S3 Bucket Connector screen, use the edit (editIcon=6e8dd682-4c7a-4aaa-8aed-6c50cfa750b2.png) and delete (garbage_can_icon=GUID-11dc859c-fd77-4863-a448-d88c5a1cafd4.png) icons to manage your existing buckets.