Secure your AWS S3 accounts and protect them from data exfiltration and malware
propagation while adhering to AWS best practices for your security monitoring.
Where Can I Use This?
    Strata Cloud Manager

What Do I Need?
    Data Security license
    Or any of the following licenses that include the Data Security license:
        CASB-X
        CASB-PA
Supported Content
Scan Content: Buckets, Files
Backward Scan: Yes
Forward Scan: Yes
Rescan: No
Selective Scan: No
Exposure: Internal, External, Public
Remediation Actions:
    User Quarantine—No
    Admin Quarantine—Yes, only files
    Change Sharing—Yes
    Post-Remediation Actions (Actions after Admin Quarantine):
    You can delete, restore, or download a quarantined file after
    performing a remediation action (for example, quarantine or
    incident generation).
        Delete—Yes
        Restore—Yes
        Download—Yes
Notifications:
    Notify File Owner—Yes
    Notify Via Slack—Yes (applicable only if you have onboarded
    Slack Enterprise or Slack Pro and Business)
User Activities:
    Activity Monitoring—Yes
    Activity Alerting—Yes
    Folder Monitoring—No
Snippet Support: Yes
Known License/Version Restrictions: None
Caveats/Notes: None
To connect an Amazon S3 app and begin scanning assets, you need to:
In addition to the Data Security license, you must have an Evident
Storage license for Data Security to scan for AWS S3 assets.
As you prepare to scan your Amazon S3 account, take note of the following values in the
worksheet provided, as they are required to complete the setup of the Amazon S3 app on
Data Security:
Item and description:

AWS account ID
    Required to enable the Amazon S3 bucket created in CloudTrail.
Access key ID
    Grants Data Security permission to access Amazon S3.
Secret access key
    The administrator root access key used to configure the IAM services.
CloudTrail bucket name (or full path if the CloudTrail feature is already enabled)
    Enables the Amazon S3 app to log management and data events to a
    CloudTrail bucket of your choice.
Region
    A configured area in CloudTrail that is scanned.
Role
    When scanning multiple AWS S3 accounts, each IAM role defines a set
    of permissions that grant access to actions and resources in AWS.
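The worksheet asks for a CloudTrail bucket and region because the app relies on CloudTrail recording both management events and S3 data events. Before onboarding, it is worth confirming that the trail you intend to use actually captures S3 data events for the bucket you plan to scan, in both its classic event-selector and advanced event-selector forms. The Python below is an added example for this page, not code from the vendor or from AWS; it evaluates the dictionary shape returned by boto3's CloudTrail `get_event_selectors` call against a constructed sample response, and the trail name, account ID and bucket names in it are placeholders.

```python
"""Check whether a CloudTrail trail records the S3 management and data events
a CloudTrail-driven scanner needs for a given bucket.

Hypothetical helper written for this page. The dictionaries mirror the shape
of boto3 CloudTrail.Client.get_event_selectors() responses; the samples below
are constructed, not captured from a real account.
"""
from typing import Any

ALL_S3_BUCKETS = "arn:aws:s3"  # classic-selector value meaning "every bucket"
S3_OBJECT_TYPE = "AWS::S3::Object"


def _bucket_arns(bucket: str) -> set[str]:
    # Both spellings CloudTrail accepts for "every object in this bucket".
    return {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/"}


def _fields(selector: dict[str, Any]) -> dict[str, dict[str, list[str]]]:
    # Index an advanced selector's FieldSelectors by field name, e.g.
    # {"eventCategory": {"Equals": ["Data"]}, "readOnly": {"Equals": ["true"]}}
    return {
        fs["Field"]: {k: v for k, v in fs.items() if k != "Field"}
        for fs in selector.get("FieldSelectors", [])
    }


def logs_management_events(resp: dict[str, Any]) -> bool:
    """True if any selector (classic or advanced) records management events."""
    if any(sel.get("IncludeManagementEvents", True) for sel in resp.get("EventSelectors", [])):
        return True
    return any(
        _fields(sel).get("eventCategory", {}).get("Equals") == ["Management"]
        for sel in resp.get("AdvancedEventSelectors", [])
    )


def logs_all_s3_data_events(resp: dict[str, Any], bucket: str) -> bool:
    """True if reads AND writes of every object in `bucket` are recorded."""
    wanted = _bucket_arns(bucket)
    # Classic selectors: a DataResource of type AWS::S3::Object whose Values
    # name either all buckets or this whole bucket (a key prefix is not enough).
    for sel in resp.get("EventSelectors", []):
        if sel.get("ReadWriteType", "All") != "All":
            continue  # read-only or write-only trails miss half the activity
        for res in sel.get("DataResources", []):
            if res.get("Type") != S3_OBJECT_TYPE:
                continue
            if any(v == ALL_S3_BUCKETS or v in wanted for v in res.get("Values", [])):
                return True
    # Advanced selectors: eventCategory Data + resources.type S3 object, with
    # no readOnly restriction and either no ARN filter or one naming the bucket.
    for sel in resp.get("AdvancedEventSelectors", []):
        f = _fields(sel)
        if f.get("eventCategory", {}).get("Equals") != ["Data"]:
            continue
        if f.get("resources.type", {}).get("Equals") != [S3_OBJECT_TYPE]:
            continue
        if "readOnly" in f:
            continue  # restricted to reads only or writes only
        arn = f.get("resources.ARN")
        if arn is None:
            return True  # no ARN filter: every bucket in the account
        if any(v in wanted for v in arn.get("Equals", []) + arn.get("StartsWith", [])):
            return True
    return False


def check_trail_for_bucket(resp: dict[str, Any], bucket: str) -> dict[str, bool]:
    """Summarise what a trail captures for one bucket."""
    return {
        "management_events": logs_management_events(resp),
        "s3_data_events": logs_all_s3_data_events(resp, bucket),
    }


def fetch_event_selectors(trail_name: str, region: str) -> dict[str, Any]:
    """Live lookup; needs boto3 and credentials allowed cloudtrail:GetEventSelectors."""
    import boto3  # imported here so the offline functions above need no boto3
    return boto3.client("cloudtrail", region_name=region).get_event_selectors(TrailName=trail_name)


# Constructed sample: classic selectors, one bucket fully covered.
SAMPLE_CLASSIC = {
    "TrailARN": "arn:aws:cloudtrail:us-east-1:111122223333:trail/example-trail",
    "EventSelectors": [{
        "ReadWriteType": "All",
        "IncludeManagementEvents": True,
        "DataResources": [{"Type": S3_OBJECT_TYPE, "Values": ["arn:aws:s3:::scanned-bucket/"]}],
    }],
}

# Constructed sample: advanced selectors restricted to read-only S3 data events.
SAMPLE_ADVANCED_READONLY = {
    "TrailARN": "arn:aws:cloudtrail:us-east-1:111122223333:trail/example-trail",
    "AdvancedEventSelectors": [{
        "Name": "S3 reads only",
        "FieldSelectors": [
            {"Field": "eventCategory", "Equals": ["Data"]},
            {"Field": "resources.type", "Equals": [S3_OBJECT_TYPE]},
            {"Field": "readOnly", "Equals": ["true"]},
        ],
    }],
}

if __name__ == "__main__":
    print(check_trail_for_bucket(SAMPLE_CLASSIC, "scanned-bucket"))
    print(check_trail_for_bucket(SAMPLE_ADVANCED_READONLY, "scanned-bucket"))
```

Run `check_trail_for_bucket(fetch_event_selectors("<trail-name>", "<region>"), "<bucket>")` against the trail and region from the worksheet; a `False` in either field means the scanner will be missing events, even though the trail itself is running.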