How to export AWS Security Hub findings to CSV format

0

I'm trying to deploy this solution (https://aws.amazon.com/blogs/security/how-to-export-aws-security-hub-findings-to-csv-format/) but running into this particular error "Invalid principal in policy (Service: Amazon S3; Status Code: 400; Error Code: MalformedPolicy;". I'd appreciate it if someone could help me figure out what I could be doing wrong. Thanks all.

2 Answers
3

Hi,

I understand you would like to know how to fix the particular error you are running into. The error is coming from the S3 bucket policy. ("Invalid principal in policy (Service: Amazon S3; Status Code: 400; Error Code: MalformedPolicy;")

It means the value of a Principal in your S3 bucket policy created from the solution is not valid. To resolve this error, follow the instructions here:

https://repost.aws/knowledge-center/s3-invalid-principal-in-policy-error

I hope this helps. Let me know if I answered your question or if you have any follow-up.

Kind regards, Ahmed

References: [1] https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html#BucketPolicies [2] https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-iam-policies.html#specifyingPrincipals

AWS
answered a year ago
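An offline syntax check for the Principal values the answer above refers to, added here as an example; it is not code from the AWS blog solution or from either answerer. The accepted forms encoded below, the partition list, and every name in the sample policy (account ID, role, group, bucket) are assumptions or constructed placeholders.

```python
import json
import re

PART = r"arn:(aws|aws-cn|aws-us-gov)"   # partition list is an assumption
ANY = [re.compile(r"^.+$")]             # Federated/CanonicalUser: only require non-empty
FORMS = {
    "AWS": [re.compile(p) for p in (
        r"^\*$",
        r"^\d{12}$",                                      # bare account ID
        PART + r":iam::\d{12}:(root|user/.+|role/.+)$",   # IAM groups are not principals
        PART + r":sts::\d{12}:(assumed-role/[^/]+/.+|federated-user/.+)$",
    )],
    "Service": [re.compile(r"^[a-z0-9.-]+\.amazonaws\.com(\.cn)?$")],
    "Federated": ANY,
    "CanonicalUser": ANY,
}

def as_list(v):
    return v if isinstance(v, list) else [v]

def lint_principals(policy_json):
    """Return (statement_index, problem) pairs for malformed Principal values."""
    problems = []
    for i, stmt in enumerate(as_list(json.loads(policy_json).get("Statement", []))):
        principal = stmt.get("Principal", stmt.get("NotPrincipal"))
        if principal == "*":
            continue
        if not isinstance(principal, dict):
            problems.append((i, f"Principal must be '*' or an object: {principal!r}"))
            continue
        for ptype, values in principal.items():
            if ptype not in FORMS:
                problems.append((i, f"unknown principal type {ptype!r}"))
                continue
            for v in as_list(values):
                if not (isinstance(v, str) and any(f.match(v) for f in FORMS[ptype])):
                    problems.append((i, f"malformed {ptype} principal: {v!r}"))
    return problems

# Constructed sample policy: statement 0 is well-formed, statement 1 has two bad values.
SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-export-role"}},
    {"Effect": "Allow", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*",
     "Principal": {"AWS": ["arn:aws:iam::111122223333:group/example-admins", ""]}}]})

if __name__ == "__main__":
    for index, problem in lint_principals(SAMPLE):
        print(f"Statement[{index}]: {problem}")
```

This only checks the shape of each value. S3 also rejects a well-formed ARN that names an IAM user or role that does not exist, which has to be confirmed against the account itself.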
0

From the blog listed in the query, a Lambda function converts Security Hub findings to CSV and writes them to an S3 bucket. Based on the error message, it seems that you are missing a bucket policy on S3 to allow the Lambda execution role to have write access to the bucket. Follow the instructions at **https://repost.aws/knowledge-center/lambda-execution-role-s3-bucket**, which provides an example policy to grant the Lambda execution role access to the S3 bucket.

answered a year ago
