Carbon Black Cloud: "Your request was unsuccessful" message appears when creating a Data Forwarder
search cancel

Carbon Black Cloud: "Your request was unsuccessful" message appears when creating a Data Forwarder

book

Article ID: 289678

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

  • "Your request was unsuccessful" error message appears during configuration of a new Data Forwarder

Environment

  • Carbon Black Cloud Console: 0.51.0 backend and higher
  • CBC Data Forwarder: All Versions
  • Amazon Simple Storage Service (Amazon S3)

Cause

  • Incorrect S3 bucket region
  • Incorrect AWS policy
  • Unsupported encryption of the AWS S3 bucket

Resolution

  1. Check that the bucket was created in the correct region: List of supported AWS regions
  2. Check that the bucket has the correct AWS policy, which grants Carbon Black Cloud the ability to write objects to the bucket
    1. A sample policy can be found here: https://docs.vmware.com/en/VMware-Carbon-Black-Cloud/services/carbon-black-cloud-user-guide/GUID-96EF04B1-440A-4769-BE1A-2BE3E517E022.html
    2. The most common issues are:
      1. The bucket policy was never applied
      2. The bucket policy does not have the correct Principal ID in the Statement -> Principal -> AWS field. A table of Principal IDs is available in the documentation linked above.
      3. The bucket policy doesn't specify the correct bucket name under "Resource" or is missing a wildcard after the bucket name or prefix
  3. Check that the bucket isn't using unsupported encryption
    1. Carbon Black Cloud does not currently support KMS encrypted buckets, only AWS managed encryption
Powered by Wolken Software