Note : If Cloudtrail is already configured to log events to S3 Bucket then Step -1 can be ignored and directly start with Step-2
Creating a CloudTrail on AWS
Event Types:
Select the following event types:Management Events
Data Events
Insight Events
Management Events Settings:
Under API Activity, ensure you select both:Read
Write
S3 Bucket:
Take note of the S3 bucket used as the destination for your CloudTrail logs.
CloudDefense.AI Platform - CIEM Integration
In the CIEM tab, click on the Configure Policy Recommendation button.
Provide the S3 bucket name used for CloudTrail logs and specify the AWS region for which the CIEM access recommendations will be calculated.
Using a Single S3 Bucket for Multiple Regions:
If you are using the same S3 bucket for CloudTrail logs across multiple AWS regions, you can configure multiple accounts under Configure Policy Recommendation. Use the same bucket name but specify different regions.
This configuration will analyze user access for the selected regions and generate tailored policy recommendations.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article