If you are using a key management service (KMS) key to encrypt the Amazon S3 buckets where your logs are stored, you need to perform the following steps to enable your USM Anywhere Sensor to decrypt those buckets.Documentation Index
Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
Use this file to discover all available pages before exploring further.
Note: To do this, you first need to know the bucket that is encrypted, the KMS key used for the encryption, and the Identity and Access Management (IAM) role created for your sensor.
- Log in to the AWS Management Console and navigate to the Key Management Service (KMS) page.
- Open the Customer Managed Keys page and locate the KMS key you are using.
- Scroll down to the Key Users section.
- Click Add.
-
Use the list or the search bar to select the IAM role created for your sensor.
- Click Add.