Netskope Help

Configure Amazon Web Services S3 as a Forensic Destination

Netskope Public Cloud Security enables you to simultaneously configure multiple AWS accounts in a single region. You can configure an AWS account with an S3 bucket to store forensic-related objects.

The setup uses a Cloud Formation Template (CFT), aws-instance-setup.yml that is customized with permissions required for Netskope for IaaS to the S3 bucket that is the forensic destination. Netskope requires permissions to perform write and delete operations on the S3 bucket. Additionally, Netskope requires permissions to list all the S3 buckets and get the location of the buckets in your account.

To learn more, see "What happens in the process?" section in Step 2/2: Configure AWS Permissions for Forensic.


Before you begin the setup process, ensure that you make a list of AWS account numbers with their account names and admin email addresses you want to configure for CSA. Email address is optional.

An account name will help you easily identify the AWS account in the Netskope tenant.


Netskope recommends using the same account name as the AWS account alias. If an account alias is not available for the AWS account, then provide an account name for the AWS account.

To learn more about creating a list of AWS account numbers, see "Creating a CSV file" in Step 1/2: Configure AWS Accounts & Services for Forensic.