Fortinet black logo

Online Help

AWS S3

Copy Link
Copy Doc ID 6214e17c-9e13-11eb-b70b-00505692583a:629156

AWS S3

Prerequisites

Account Requirement

Before adding your AWS S3 account to FortiCASB, make sure the AWS account user you use is an Administrator User. For instructions on creating an "Administrative User" in your AWS account, please refer to: https://docs.aws.amazon.com/mediapackage/latest/ug/setting-up-create-iam-user.html.

Activate Security Token Service (STS)

FortiCASB uses regional Security Token Service (STS) to reduce latency and provide smoother user experience.

Follow these steps to turn on Security Token Service (STS) on AWS console.

  1. From your AWS console dashboard, go to Identity and Access Management (IAM).
  2. Click Account settings from the left navigation panel, and click to expand Security Token Service (STS).
  3. Based on your location, activate EU (Ireland) if you are located in European Union, otherwise, activate US West (Oregon).

Add AWS S3 Account

Use the Administrator User to create new AWS Policy, Role, and configure the CloudTrail setting:

  1. AWS Policy Creation
  2. AWS Role Creation
  3. Update AWS Role External ID (optional)
  4. AWS Configure CloudTrail Setting
  5. Add AWS S3 Account

After all 3 steps are completed, go back to FortiCASB to finish adding the AWS account.

AWS S3

Prerequisites

Account Requirement

Before adding your AWS S3 account to FortiCASB, make sure the AWS account user you use is an Administrator User. For instructions on creating an "Administrative User" in your AWS account, please refer to: https://docs.aws.amazon.com/mediapackage/latest/ug/setting-up-create-iam-user.html.

Activate Security Token Service (STS)

FortiCASB uses regional Security Token Service (STS) to reduce latency and provide smoother user experience.

Follow these steps to turn on Security Token Service (STS) on AWS console.

  1. From your AWS console dashboard, go to Identity and Access Management (IAM).
  2. Click Account settings from the left navigation panel, and click to expand Security Token Service (STS).
  3. Based on your location, activate EU (Ireland) if you are located in European Union, otherwise, activate US West (Oregon).

Add AWS S3 Account

Use the Administrator User to create new AWS Policy, Role, and configure the CloudTrail setting:

  1. AWS Policy Creation
  2. AWS Role Creation
  3. Update AWS Role External ID (optional)
  4. AWS Configure CloudTrail Setting
  5. Add AWS S3 Account

After all 3 steps are completed, go back to FortiCASB to finish adding the AWS account.