Enable AWS S3 bucket event notifications

book

Article ID: 170977

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced

Issue/Introduction

Follow the instructions in this section if you are enabling AWS S3 support.

Resolution

Enable AWS S3 bucket event notifications

Follow the instructions in this section if you are enabling AWS S3 support as described in 4. (Optional) Enable S3 Server Access Logging in AWS . Otherwise, skip this section.

To enable bucket event notifications:

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/ .
  2. In the Buckets list, select the target bucket(s) that you have configured with Elastica, click Properties , and then click Events .
  3. In the Name box, type a descriptive name for your event configuration, eg: ‘ElasticaS3config’. If you do not enter a name, a generated GUID is used for the name.
  4. Click in the Events box and choose ObjectCreated (All) event type to ensue that AWS sends notifications to the destination when any event occurs.
  5. Select SQS queue as the destination type.
  6. In the SQS queue box, choose Add SQS ARN from the menu and type the ARN of the SQS queue in the SQS queue ARN box in the following format:
    • arn:aws:sqs: < region > : 279556430935 :elastica-cloudtrail-queue- < tenantname >
    • Where: <Region> is the Region Value from the below options, ex: US Standard has a Region Value of us-east-1
      • US West (N. California): us-west-1
      • US Standard: us-east-1
      • US West (Oregon): us-west-2
      • EU (Ireland): eu-west-1
      • EU (Frankfort): eu-central-1
      • Asia Pacific (Singapore): ap-southeast-1
      • Asia Pacific (Tokyo): ap-northeast-1
      • Asia Pacific (Sydney): ap-southeast-2
    • <tenantname> is your Elastica tenant ID
    • For example, if your tenant ID is xyzcom and your region Ireland , the SQS queue ARN would be:
      arn:aws:sqs:eu-west-1: 279556430935 :elastica-cloudtrail-queue-xyzcom
  7. Click Save . Amazon S3 sends a test message to the event notification destination.
  8. Repeat the instructions in this section for all regions in which you have target buckets.