Views:

Share XDR data with your AWS environment by configuring the AWS S3 bucket connector.

The AWS S3 bucket connector utilizes AWS cross account trust relationships to send XDR data to a configured S3 bucket. You can connect multiple S3 buckets and configure the data sent to each bucket individually. The AWS S3 bucket connector requires a custom AWS IAM role with custom permissions to connect an S3 bucket.
The following table outlines the actions you can take in the AWS S3 bucket connector screen.
Action
Description
Connect an AWS S3 bucket
Connect an S3 bucket to share XDR data
Click Connect AWS S3 Bucket to connect a bucket.
Manage S3 bucket connections
Enable or disable sharing data with connected S3 buckets
Edit a connection
Edit a connected S3 bucket
Click the edit icon (editIcon=6e8dd682-4c7a-4aaa-8aed-6c50cfa750b2.png) to edit a connected bucket.
Note
Note
You cannot change the name of a connected bucket.
Disconnect a bucket
Remove a connected S3 bucket and stop sharing XDR data
Click the disconnect icon (garbage_can_icon=GUID-11dc859c-fd77-4863-a448-d88c5a1cafd4.png) to disconnect a bucket.