Begin Scanning an Amazon S3 App

Secure your AWS S3 accounts and protect them from data exfiltration and malware propagation while adhering to AWS best practices for your security monitoring.
To connect an Amazon S3 app and begin scanning assets, you need to:
You must have a Public Storage License for SaaS Security API to scan for AWS S3 assets.
As you prepare to scan your Amazon S3 account, take note of the following values in the worksheet provided, as they are required to complete the setup of the Amazon S3 app on SaaS Security API:
AWS account ID
Required to enable the Amazon S3 Bucket created in CloudTrail.
Access key ID
Grants SaaS Security API permission to access Amazon S3.
Secret access key
The administrator root access key used to configure IAM services.
CloudTrail bucket name (or full path if the CloudTrail feature is already enabled)
Enables the Amazon S3 app to log management and data events to a CloudTrail bucket of your choice.
A configured area in CloudTrail that is scanned.
When scanning multiple AWS S3 accounts, each IAM role defines a set of permissions that grant access to actions and resources in AWS.

Recommended For You