AWS not discovering New S3 Buckets
search cancel

AWS not discovering New S3 Buckets


Article ID: 240018


Updated On:


CASB Securlet IAAS CASB Security Advanced CASB Security Advanced IAAS CASB Security Premium CASB Security Premium IAAS CASB Security Standard CASB Securlet SAAS CASB Advanced Threat Protection CASB Audit CASB Gateway CASB Gateway Advanced CASB Securlet SAAS With DLP-CDS


After activating AWS Securlet, CloudSOC is not updating with newly created S3 Buckets (whereas the initial Securlet activation allowed for discovery of either all new S3 buckets or new S3 buckets with either a designated prefix or suffix to their name).


The ARN for IaaSSNSname was incorrect


  1. Login to AWS

  2. Verify that you are in the correct region where you have activated the Securlet

  3. Search for CloudFormation and select it

  4. In CloudFormation > Stack choose the Stack name that you created on activation

  5. The CloudFormation > Stack > [Stack name] window opens and click on the Resources tab > click the IaaSctsns link

  6. This opens the AmazonSNS > Topics > IaaSSNSname window

  7. On the left side pane - select Subscriptions

    1. If the Status is "Confirmed" then the issue is different and more troubleshooting will be needed
    2. If the Status is "Pending confirmation" then continue on to the next steps
      1. If the Status is set to 'Pending'- there is a likelihood that an old "V1 resource ARN was used during the Securlet
        activation instead of the new resource created per the Cloud Formation Template.

  8. Go back to 'Topics' (left hand link on image above). Copy the ARN value

  9. Login to CloudSOC

  10. Go to Securlets > AWS > Connections and click the ellipsis > Edit

  11. Go to the CloudTrail Setup and paste the SNSArn and Click Save

  12. Allow 15 mintues for things to sync and test adding a new S3 bucket.

  13. If the same issue occurs or if there are other problems then it's recommended to 'Delete' the existing connection and reactivate the AWS Securlet.