Begin Scanning an Amazon S3 App

Secure your AWS S3 accounts and protect them from data exfiltration and malware propagation while adhering to AWS best practices for your security monitoring.
To connect an Amazon S3 app and begin scanning assets, you need to:
You must have a Public Storage License for Data Security to scan for AWS S3 assets.
As you prepare to scan your Amazon S3 account, take note of the following values in the worksheet provided, as they are required to complete the setup of the Amazon S3 app on Data Security:
| Item | Description |
| --- | --- |
| AWS account ID | Required to enable the Amazon S3 Bucket created in CloudTrail. |
| Access key ID | Grants Data Security permission to access Amazon S3. |
| Secret access key | The administrator root access key used to configure the IAM services. |
| CloudTrail bucket name (or full path if the CloudTrail feature is already enabled) | Enables the Amazon S3 app to log management and data events to a CloudTrail bucket of your choice. |
| Region | A configured area in CloudTrail that is scanned. |
| Role | When scanning multiple AWS S3 accounts, each IAM role defines a set of permissions that grant access to actions and resources in AWS. |