Skip to main content

2.AWS_S3Scan Job

The 2.AWS_S3Scan job collects details about the AWS S3 buckets including details about the objects in those buckets.

Queries for the 2.AWS_S3Scan Job

The S3 Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured to use the Collect S3 category.

Query Selection page

The 2.AWS_S3Scan job has the following configurable query:

  • S3 Scan – Collects information about the AWS S3 buckets and objects

Configure the S3 Scan Query

The S3 Scan query in the 2.AWS_S3 Scan job has been preconfigured to run with the default settings with the category of Collect S3. Follow the steps to set any desired customizations.

Step 1 – Navigate to the AWS > 0.Collection > 2.AWS_S3Scan > Configure node and select the Queries node.

Step 2 – In the Query Selection view, click Query Properties. The Query Properties window opens.

Step 3 – Select the Data Source tab, and click Configure. The Amazon Web Services Data Collector Wizard opens.

AWS Data Collector Login Roles wizard page

Step 4 – On the Login Roles page, add the created AWS Roles:

  • Enter the Role in the Role Name field and click Add
  • Alternatively, import multiple Roles from a CSV file
  • See the Configure AWS for Scans topic for additional information

AWS Data Collector Filter S3 Objects wizard page

Step 5 – On the Filter S3 Objects page, scope the scan to target specific S3 objects:

  • Click Add to select from AWS Buckets in the target environment
  • Alternatively, click Add Custom Filter to configure a custom filter as a text string
  • See the AWS: Filter S3 Objects topic for additional information

Step 6 – On the Summary page, click Finish to save any modifications or click Cancel if no changes were made. Then click OK to close the Query Properties window.

If changes were saved, the 2.AWS_S3Scan Job has now been customized.

Analysis Tasks for the 2.AWS_S3Scan Job

Navigate to the AWS > 0.Collection > 2.AWS_S3Scan > Configure node and select Analysis to view analysis tasks.

CAUTION: Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job.

Analysis Tasks for the 2.AWS_S3Scan Job

The following analysis task is selected by default:

  • AIC AWS S3 Bucket Permissions Import – Imports AWS S3 Bucket permissions into the Access Information Center