Amazon S3 integration
Note: Before implementing this channel integration, contact your Customer Success Manager for Perception Point X‑Ray to make sure that this functionality is included in your current Perception Point X‑Ray license.
About the Amazon S3 integration
Perception Point can be integrated with various products. This page explains the configurations that are required to integrate Perception Point with Amazon S3.
When you integrate Perception Point with Amazon S3, you specify which buckets in Amazon S3 will be included in the integration. After the integration is completed, each file that is uploaded to any of the included buckets will be scanned using the standard Perception Point scanning engines. Scan details are included in the Scans page in Perception Point. Remember to click the S3 filter icon to show only AWS S3 scans.
When you configure the integration, you can specify whether or not suspected malicious files should be quarantined. Perception Point creates a bucket in each AWS region for quarantined files.
The Amazon S3 integration procedure
Perform the 2-step procedure below to integrate Perception Point with Amazon S3.
Steps:
- Step 1 - Activating the integration - performed in Perception Point X‑Ray
- Step 2 - Configuring the integration - performed in Amazon S3
Step 1: Activating the integration - in Perception Point X‑Ray
This step activates the Amazon S3 integration in Perception Point X‑Ray.
In Perception Point X‑Ray
- In the left navigation menu, select Account > Bundles and Channels.
- Make sure that a bundle is assigned that includes Amazon S3.
- Under Enabled Channels, locate "Amazon S3" and then click "Activate".
  The Activate AWS S3 dialog box opens.
- Enter the required information, described below:
  Region
  Select the AWS region in which your bucket is located.
  Note:
  - If you have buckets in more than one region, you'll need to repeat this procedure for each region.
  - If you have more than one bucket in any region, you'll need to perform this procedure only once for each of these regions.
  API Token
  Click the Copy icon to copy the Amazon S3 API token to the clipboard.
  You'll need to paste this token into Amazon AWS later in the integration procedure.
  URL
  The URL that will be used for configuring the integration in Amazon S3.
- It is recommended that you log in to Amazon AWS before you click Go in the next step. This will ensure that you are automatically redirected to the correct environment inside Amazon AWS.
- Click "Go".
Step 2: Configuring the integration - in Amazon S3
When you clicked Go at the end of Step 1 above, you should have been redirected to the CloudFormation service in Amazon AWS. If you were not redirected correctly:
- Log in to the Amazon AWS Management Console as an Administrator user.
- Search for CloudFormation, and then open CloudFormation.
- Go to Stacks > Create stack.
In the Amazon console
- In the CloudFormation service, inside Stacks > Create stack, scroll down to the "Parameters" section.
- Enter the information below:
  BucketsToScan
  Enter the Amazon Resource Names (ARNs) of the buckets to scan.
  Use the following format:
  arn:aws:s3:::<bucket name>
  For example:
  arn:aws:s3:::acme
  Separate multiple buckets with commas [and without a space], for example:
  arn:aws:s3:::acme1,arn:aws:s3:::acme2,arn:aws:s3:::acme3
  Note: It is not possible to use a regular expression or wildcard character [*] to add multiple buckets.
  EnableQuarantine
  - True: Every file that is found to be malicious is moved to a quarantine bucket. The bucket is created by Perception Point X‑Ray and is called the "Perception Point quarantine bucket". There is one quarantine bucket for each AWS region.
  - False: Malicious files are not moved to a quarantine bucket. [default]
  Token
  Paste the API token that you copied from Perception Point X‑Ray in the previous step.
- In the Capabilities section, select both of the "acknowledgment" check boxes.
- Click Create stack.
  Note: After you click Create stack, you may need to wait 15-20 minutes before the integration to Amazon AWS S3 is available.
  Monitor the stack status box in the AWS UI and wait for CREATE_IN_PROGRESS to change to CREATE_COMPLETE.
The integration procedure is now complete.
Important: After you complete the activation procedure for Amazon S3, the Amazon S3 channel will still appear as Disabled - and not as Enabled - in the Perception Point X‑Ray user interface.
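A pre-flight check for the BucketsToScan value described in Step 2, as an added example that is not part of the Perception Point documentation or tooling. The function name and sample bucket names are assumptions, and the bucket-name check applies Amazon S3's general-purpose bucket naming rules, which go beyond what this page states.

```python
import re

ARN_PREFIX = "arn:aws:s3:::"
# General-purpose S3 bucket names: 3-63 characters, lowercase letters, digits,
# dots and hyphens, starting and ending with a letter or digit.
BUCKET_NAME = re.compile(r"[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]")


def check_buckets_to_scan(value):
    """Return (bucket_names, errors) for a BucketsToScan parameter value."""
    names, errors = [], []
    if not value:
        return names, ["value is empty"]
    for position, entry in enumerate(value.split(","), start=1):
        label = f"entry {position} ({entry!r})"
        name = entry[len(ARN_PREFIX):]
        if entry == "":
            errors.append(f"entry {position}: empty (stray or trailing comma)")
        elif entry != entry.strip() or " " in entry:
            errors.append(f"{label}: contains a space")
        elif not entry.startswith(ARN_PREFIX):
            errors.append(f"{label}: must start with {ARN_PREFIX}")
        elif "*" in entry or "?" in entry:
            errors.append(f"{label}: wildcards are not supported")
        elif "/" in entry:
            errors.append(f"{label}: bucket ARN expected, not an object path")
        elif not BUCKET_NAME.fullmatch(name):
            errors.append(f"{label}: not a valid bucket name")
        elif name in names:
            errors.append(f"{label}: listed more than once")
        else:
            names.append(name)
    return names, errors


if __name__ == "__main__":
    # Constructed sample values; the bucket names are placeholders.
    samples = [
        "arn:aws:s3:::acme1,arn:aws:s3:::acme2,arn:aws:s3:::acme3",
        "arn:aws:s3:::acme1, arn:aws:s3:::acme2",
        "arn:aws:s3:::acme*",
    ]
    for sample in samples:
        names, errors = check_buckets_to_scan(sample)
        print(sample, "->", names if not errors else errors)
```

A bucket that is misspelled or dropped from this parameter is not included in the integration, so its uploads are not scanned; comparing the returned names against the intended bucket list catches that before the stack is created.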