1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Administrator's Guide
    5. Configure External Integrations on Prisma Cloud
    6. Integrate Prisma Cloud with Amazon S3

    Integrate Prisma Cloud with Amazon S3

    Learn how to integrate Prisma™ Cloud with Amazon S3.
    Amazon S3 is widely used for storage and staging data. You can integrate Prisma Cloud with Amazon S3 to get notifications for configuration, audit, and anomaly policy violations.
    Using this integration, you can stream the Prisma Cloud alerts to an Amazon S3 bucket or folder. You can also decide how often the notifications should be published to the S3 bucket using
    File Roll Up Time
    .
    This integration is supported only on alerts 2.0-enabled tenants.
    1. Configure Amazon S3 to receive Prisma Cloud alerts.
      1. Log in to the AWS management console and select S3.
        • Create an S3 bucket in your preferred region.
        • (Optional) Create a folder. If the desired bucket or folder path already exists, you can skip this step.
      2. Select IAM and create a role for Prisma Cloud to be able to write notifications to the S3 bucket.
        • Create a new policy with the
          s3:PutObject
           permission for the bucket you created in Step 1. The policy document should be similar to:
          Do not use PutObject permission on all buckets as it may generate an alert on the Prisma Cloud console.
        • To configure multiple S3 integrations with multiple buckets, the policy document should be similar to:
        • Create an IAM role with the following configurations:
        • Select type of trusted entity
          Another AWS Account
          .
          Enter the Account ID*
          188619942792
          . In case of AWS Gov accounts, enter the Account ID*
          342570144056
          .
        • Configure the
          External ID
           for IAM role. The External ID associated with the IAM role must be a UUID in a 128-bit format, and not any random string. If you’re using the Prisma Cloud web console, click
          Generate Token
           to generate the External ID while adding the S3 integration. If you’re using the Prisma Cloud API, you must manually create the External ID.
        • Select the policy created in Step 2 and follow the steps to configure the IAM role.
        • Save
          .
    2. Set up the Amazon S3 Integration on Prisma Cloud.
      1. Log in to Prisma Cloud.
      2. Select
        Settings
        Integrations
        .
      3. Add Integration
        Amazon S3
        . A modal wizard opens where you can add the S3 integration.
      4. Enter a
        Name
         and (optional)
        Description
        .
      5. Enter
        S3 URI
         for the S3 bucket or folder path from Step 1. The format should be:
        s3://bucketname/
         or
        s3://bucketname/foldername/
         .
      6. Enter the
        AWS Region
         in which you created the S3 bucket.
      7. Generate
         the External ID to associate it to the IAM role which is required for Prisma Cloud to be able to write notifications to the S3 bucket.
      8. Enter the
        Role ARN
         of the IAM role setup during Step 1b.
      9. Select the
        File Roll Up Time
         from the drop-down. The default is 1 hour, you can change it to, 15 minutes, 30 minutes, or 3 hours.
      10. Next
        .
      11. Test
         and
        Save
         the integration.
      12. You should receive a success message and a test file should be created on the specified S3 URI.
      13. To edit the integration, click the corresponding
        Edit
         icon. The integration
        Summary
         page opens.
      14. Edit
         to update the integration as required.
      15. Next
         to review your edits.
      16. Test
         and
        Save
         the integration.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo