Collector "AWS-S3" Configuration Manual

Before reading this, please read the following first:

• TrueWatch Integration

Before using this collector, you must install the 'Integration Core Package' and its associated third-party dependency packages

1. Configuration Structure

The configuration structure for this collector is as follows:

Field	Type	Required	Description
regions	list	Required	List of regions to collect data from
regions[#]	str	Required	Region ID. Example: 'cn-north-1' See appendix for full list

2. Configuration Example

Collecting instance data from Ningxia region

collector_configs = {
    'regions': [ 'cn-northwest-1' ]
}

3. Data Reporting Format

After data synchronization, you can view the data in the 'Infrastructure - Resource Catalog' section of {{( brand_name }}}.

Example of reported data:

{
  "measurement": "aws_s3",
  "tags": {
    "name"              : "dataxxxx",
    "RegionId"          : "cn-northwest-1",
    "LocationConstraint": "cn-northwest-1",
    "Name"              : "dataxxxx"
  },
  "fields": {
    "CreationDate": "2022-03-09T06:13:31Z",
    "Grants"      : "{JSON data}",
    "message"     : "{Instance JSON data}"
  }
}

Fields in tags and fields may change with subsequent updates

The value of tags.name is the instance name, used as a unique identifier

fields.message is a JSON serialized string

fields.Grants is the bucket access control list

4. IAM Policy Permissions

If users use IAM roles to collect resources, certain operation permissions need to be enabled

This collector requires the following operation permissions:

s3:ListAllMyBuckets

s3:ListBucket

s3:GetBucketAcl

s3:GetBucketLocation

X. Appendix

Please refer to the official AWS documentation:

• S3 - ListBuckets
• S3 - GetBucketAcl
• S3 - GetBucketLocation
• Amazon Simple Storage Service