Integrate Prisma Cloud with Amazon S3
Learn how to integrate Prisma™ Cloud with Amazon S3.
Amazon S3 is widely used for storing and staging data. You can integrate Prisma Cloud with Amazon S3 to get notifications for configuration, audit, and anomaly policy violations. Using this integration, you can stream Prisma Cloud alerts to an Amazon S3 bucket or folder. You can also decide how often the notifications are published to the S3 bucket using File Roll Up Time. This integration is supported only on alerts 2.0-enabled tenants.
- Configure Amazon S3 to receive Prisma Cloud alerts.
  - Log in to the AWS Management Console and select S3.
  - Create an S3 bucket in your preferred region.
  - (Optional) Create a folder. If the desired bucket or folder path already exists, you can skip this step.
  - Select IAM and create a role that allows Prisma Cloud to write notifications to the S3 bucket.
    - Create a new policy with the s3:PutObject permission for the bucket you created above. Do not grant PutObject on all buckets (a wildcard resource): it is broader than the integration needs and may generate an alert on the Prisma Cloud console.
    - To configure multiple S3 integrations with multiple buckets, list each bucket as a resource in the same policy document.
    - Create an IAM role with the following configuration:
      - Select the type of trusted entity Another AWS Account and enter the Account ID 188619942792. For AWS GovCloud accounts, enter the Account ID 342570144056 instead.
      - Configure the External ID for the IAM role. The External ID must be a UUID (128-bit format), not an arbitrary string. If you're using the Prisma Cloud web console, click Generate Token to generate the External ID while adding the S3 integration. If you're using the Prisma Cloud API, you must create the External ID yourself. The External ID condition on the role's trust policy is what prevents a confused-deputy attack: without it, anyone who learns your role ARN could have Prisma Cloud assume the role on their behalf.
      - Attach the policy created above and follow the remaining steps to configure the IAM role.
      - Save.
- Set up the Amazon S3 integration on Prisma Cloud.
  - Log in to Prisma Cloud.
  - Select Settings > Integrations.
  - Select Add Integration > Amazon S3. A modal wizard opens where you can add the S3 integration.
  - Enter a Name and (optional) Description.
  - Enter the S3 URI for the S3 bucket or folder path you created above. The format is s3://bucketname/ or s3://bucketname/foldername/.
  - Enter the AWS Region in which you created the S3 bucket.
  - Click Generate to create the External ID, and set the same value as the External ID on the IAM role; Prisma Cloud cannot assume the role and write notifications to the S3 bucket without it.
  - Enter the Role ARN of the IAM role you created above.
  - Select the File Roll Up Time from the drop-down. The default is 1 hour; you can change it to 15 minutes, 30 minutes, or 3 hours.
  - Click Next.
  - Test and Save the integration.
  - You should receive a success message, and a test file should be created at the specified S3 URI.
- To edit the integration, click the corresponding Edit icon. The integration Summary page opens.
  - Click Edit to update the integration as required.
  - Click Next to review your edits.
  - Test and Save the integration.
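The following is an added example, not Prisma Cloud's or AWS's own code, that produces the two IAM documents the procedure above asks you to create by hand (the s3:PutObject permission policy and the cross-account trust policy with an External ID) and checks a permission policy for the wildcard grant the text warns against. It goes slightly beyond the page by scoping the resource ARN to the folder prefix in the S3 URI rather than the whole bucket. The bucket names and prefixes are illustrative, and the GovCloud partition name "aws-us-gov" is an assumption; the Prisma Cloud account IDs are the ones quoted on this page.

```python
"""Build and sanity-check the IAM documents for a Prisma Cloud -> S3 integration.

Added example (not Prisma Cloud or AWS code). Assumptions: GovCloud ARNs use
the "aws-us-gov" partition; bucket names in the usage are illustrative.
"""
import json
import re
import uuid

# Account IDs quoted in the procedure: Prisma Cloud assumes your role from these.
PRISMA_ACCOUNT_ID = "188619942792"
PRISMA_GOV_ACCOUNT_ID = "342570144056"

_S3_URI = re.compile(r"^s3://(?P<bucket>[a-z0-9][a-z0-9.-]{1,61}[a-z0-9])/(?P<prefix>.*)$")


def parse_s3_uri(uri):
    """Split 's3://bucket/' or 's3://bucket/folder/' into (bucket, prefix).

    The integration form requires the trailing slash, so a URI without one is
    rejected instead of being silently treated as a bucket-only path.
    """
    m = _S3_URI.match(uri)
    if not m or (m.group("prefix") and not m.group("prefix").endswith("/")):
        raise ValueError(f"expected s3://bucket/ or s3://bucket/folder/, got {uri!r}")
    return m.group("bucket"), m.group("prefix")


def object_arn(uri, gov=False):
    """Resource ARN covering only the objects Prisma Cloud will write under the URI."""
    bucket, prefix = parse_s3_uri(uri)
    partition = "aws-us-gov" if gov else "aws"  # assumption for GovCloud
    return f"arn:{partition}:s3:::{bucket}/{prefix}*"


def put_object_policy(uris, gov=False):
    """Permission policy: s3:PutObject on the listed bucket/folder paths only.

    Several URIs give the single policy that serves multiple S3 integrations.
    """
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "PrismaCloudAlertsPutObject",
            "Effect": "Allow",
            "Action": "s3:PutObject",
            "Resource": [object_arn(u, gov) for u in uris],
        }],
    }


def new_external_id():
    """External ID for the role's trust policy: a random 128-bit UUID."""
    return str(uuid.uuid4())


def is_valid_external_id(value):
    """True only for the canonical UUID text form, as the procedure requires."""
    try:
        return str(uuid.UUID(value)) == value.lower()
    except (ValueError, AttributeError, TypeError):
        return False


def trust_policy(external_id, gov=False):
    """Trust policy for trusted entity 'Another AWS Account' plus External ID.

    The sts:ExternalId condition is the confused-deputy protection: a party who
    only knows your role ARN cannot have Prisma Cloud assume the role for them.
    """
    if not is_valid_external_id(external_id):
        raise ValueError("External ID must be a UUID, not an arbitrary string")
    partition = "aws-us-gov" if gov else "aws"
    account = PRISMA_GOV_ACCOUNT_ID if gov else PRISMA_ACCOUNT_ID
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:{partition}:iam::{account}:root"},
            "Action": "sts:AssumeRole",
            "Condition": {"StringEquals": {"sts:ExternalId": external_id}},
        }],
    }


def policy_problems(policy):
    """List the mistakes the procedure warns about in a permission policy:
    PutObject granted on all buckets, or any action broader than s3:PutObject."""
    problems = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        resources = st.get("Resource", [])
        resources = [resources] if isinstance(resources, str) else resources
        for a in actions:
            if a.lower() != "s3:putobject":
                problems.append(f"action broader than s3:PutObject: {a}")
        for r in resources:
            bucket_part = r.split(":::", 1)[1] if ":::" in r else r
            if bucket_part == "*" or bucket_part.startswith("*/"):
                problems.append(f"PutObject granted on all buckets: {r}")
    return problems


if __name__ == "__main__":
    # Illustrative bucket and folder; paste the printed JSON into the IAM console.
    ext = new_external_id()
    print(json.dumps(put_object_policy(["s3://example-alerts-bucket/prisma/"]), indent=2))
    print(json.dumps(trust_policy(ext), indent=2))
```

Generate the External ID here only when you are configuring the integration through the Prisma Cloud API; when you use the web console, take the value from Generate and pass it to trust_policy instead, so that the role and the integration share the same UUID.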