You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 6 Next »
Page Contents
Search
For Amazon Web Services (AWS), there are some steps to take prior to setting the connection within the ZenGRC application.
To set up an AWS account, complete the following steps:
Create a new S3 bucket for use with ZenGRC. Setup the following CORS permissions for the bucket:
<?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>https://<REPLACE_ME>.zengrc.com</AllowedOrigin> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <ExposeHeader>ETag</ExposeHeader> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
Setup any additional options such as logging, server-side encryption, versioning as necessary.
Create an IAM policy attached to the user created in Step 1 with the following policy JSON:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "1", "Effect": "Allow", "Action": [ "s3:ListBucketByTags", "s3:ListBucketMultipartUploads", "s3:GetObjectVersionTagging", "s3:ListBucketVersions", "s3:PutObjectVersionTagging", "s3:ListBucket", "s3:ListMultipartUploadParts", "s3:PutObject", "s3:GetObject", "s3:GetBucketCORS", "s3:GetObjectTagging", "s3:PutObjectTagging", "s3:GetBucketLocation", "s3:GetObjectVersion", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::REPLACE_WITH_BUCKET_NAME", "arn:aws:s3:::REPLACE_WITH_BUCKET_NAME/*" ] } ] }
Create an AWS Access Key for the IAM user created in Step 1.
Other Helpful Content
• Access and User Assistance • System of Record List Views • Actions on the Details Page • Creating New Objects • Favorites • Quick Tips for End Users (Printable) • Searching the Left-Hand Navigation