Configuring AWS S3 to Receive Avanan Logs
- Go to AWS IAM: https://console.aws.amazon.com/iam/home#/home
- Click on Users > Add user
- Select a name and enable “Programmatic access”, click “Next: Permissions”
- Click on “Create group” (or the right group if already created)
- Click on “Create policy” (or select the right policy if already created)
- On the new tab, click on JSON and copy this over:
- For example:
- Click on Review Policy
- Select the policy you just created, give the group a name and click on “Create group”
- After the policy is created, go back to the previous tab and click “Refresh”
- On the next screen, select a policy name and click on “Create Policy”.
- Back to the “Add user” screen, confirm that the group you just created is selected and click on “Next: Tags”
- Add the necessary Tags (in accordance with your environment directives) and click on “Next: Review”
- Confirm all the configurations and click on “Create user”
- Download the CSV or copy the Access Key and Secret access key somewhere safe. This information won’t be available again
- Click Close.
- Click on Roles and on “Create role”
- Select Another AWS Account
- Insert the 12 digit number of the user you just created click on “Next: Permissions”
- Note: to find the 12 digit number, open the user on another screen:
- Select the policy you created, click on Next: Tags.
- Add the necessary Tags (in accordance with your environment directives) and click on Next: Review.
- Select a role name and click on Create Role
- Search for the role you just created, click on its name
- Select “Trust relationships” and click on “Edit trust relationship”
- Copy the following over and click on “Update Trust Policy”
- For Example:
- Copy the Role ARN to use on the Avanan side.
- Log in to Avanan portal and complete the SIEM integration. For more details, see SIEM integration.