AWS Configure CloudTrail Setting
- From AWS console dashboard, search and go to "CloudTrail"
- Click on Trails in the left navigation pane, and click Create trail.
- In General details page, enter a Trail name based on your preference, keep the default selection to Create a new S3 bucket.
- Uncheck the options to enable Log file SSE-LMS encryption and Log file validation.
- Scroll down and click Next to continue.
- In Choose log events, Events > Event type, select Mangement events and Data events types.
- In Manage events > API activity: keep Read and Write options selected.
- In Data events, click Switch to basic event selectors.
- In Data event source, select S3, then click Next.
- Review the trail settings, make sure it is configured as multi-region trail, scroll down and click Create Trail.
You have finished all the preliminary steps to add your AWS account. Now go back to FortiCASB and click Next. |