Description | This article provides the configuration on AWS's side to allow FortiAnalyzer access to an S3 bucket. |
Scope | FortiAnalyzer, AWS. |
Solution |
A misconfigured S3 bucket can be readable, or even writable, by anyone on the public Internet. FortiAnalyzer authenticates to AWS with the access key of an IAM user, so the first step is to attach a permission policy to that IAM user that grants only the S3 actions it needs to upload logs, and only on the log bucket:
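The following identity-based policy is an added example and is not taken from the Fortinet article; the bucket name `example-faz-logs` is an assumption, and so is the action list (`s3:ListBucket` and `s3:GetBucketLocation` on the bucket, `s3:PutObject` on the objects in it), which should be trimmed to whatever the connection test below actually needs:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "FortiAnalyzerListExampleBucket",
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ],
      "Resource": "arn:aws:s3:::example-faz-logs"
    },
    {
      "Sid": "FortiAnalyzerUploadToExampleBucket",
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::example-faz-logs/*"
    }
  ]
}
```

Note the two resource ARNs: bucket-level actions such as `s3:ListBucket` apply to `arn:aws:s3:::example-faz-logs`, while object-level actions such as `s3:PutObject` apply to `arn:aws:s3:::example-faz-logs/*`. Mixing these up is the most common reason a policy that looks correct still produces AccessDenied. Avoid `"Resource": "*"` here, since that would let the FortiAnalyzer key write into every bucket in the account.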
The identity policy only grants FortiAnalyzer access; it does not stop other principals. To make sure the bucket is reachable by FortiAnalyzer's IAM user alone, also attach a bucket policy (a resource-based policy on the bucket itself) that allows that user and denies everyone else, and keep the bucket's Block Public Access settings enabled:
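The following bucket policy is an added example and not the article's own; the account ID `123456789012`, the IAM user name `fortianalyzer`, the admin role `S3Admin` and the bucket name `example-faz-logs` are all assumptions. The Deny statement exempts the FortiAnalyzer user and one administrative role by ARN; without such an exemption the Deny also applies to the account's own administrators and can lock them out of the bucket:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowFortiAnalyzerUser",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::123456789012:user/fortianalyzer"
      },
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::example-faz-logs",
        "arn:aws:s3:::example-faz-logs/*"
      ]
    },
    {
      "Sid": "DenyEveryoneExceptFortiAnalyzerAndAdmin",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::example-faz-logs",
        "arn:aws:s3:::example-faz-logs/*"
      ],
      "Condition": {
        "ArnNotEquals": {
          "aws:PrincipalArn": [
            "arn:aws:iam::123456789012:user/fortianalyzer",
            "arn:aws:iam::123456789012:role/S3Admin"
          ]
        }
      }
    }
  ]
}
```

An explicit Deny in a bucket policy wins over any Allow in an identity policy, so this blocks other IAM users in the same account whose own policies grant broad `s3:*` rights, not just anonymous access. Test it with a second, unprivileged IAM identity before relying on it, and check the Deny's exemption list every time the admin role is renamed.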
Once the policies have been configured, verify from the FortiAnalyzer CLI that the S3 connection succeeds with the following command:
diag test app uploadd 62 <connector-id> <bucket-path>
|