I believe the gap is in the bucket policy of the S3 bucket in the other account. It needs GetBucketACL and ListBucket. Try adding that.
I have set up the cross-account export option following the Exporting findings documentation in my account and I was able to set it up without any issues.
Setup: Account A: GuardDuty/KMS, Account B: S3 bucket
Please make sure that you have replaced region, account id, kmskeyid, and sourceDetectorId in the sample policies from the documentation. In my setup, I did not use the optional prefix, so my resource ARN for objects looks like this: arn:aws:s3:::<bucketname>/*. Also, make sure that the KMS key and S3 bucket are in the same region.
If the issue persists, please share your policies (sanitize account id and resource id).
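The checks listed in the answer above (placeholders replaced, object ARN ending in `/*`, KMS key and bucket in the same region) can be run before retrying the export. This is an added example, not code from the original post or from AWS documentation; the function names, the placeholder patterns and the sample policy are assumptions constructed for illustration.

```python
import re

# Heuristic patterns for tokens the answer says to replace (region, account id,
# kmskeyid, sourceDetectorId) plus <...> and [...] template markers.
PLACEHOLDER = re.compile(
    r"<[^>]*>|\[[^\]]*\]|\b(?:region\d?|account[-_ ]?id|kmskeyid|sourcedetectorid)\b",
    re.IGNORECASE,
)

def _strings(node):
    """Yield every string value in a parsed policy document (keys are skipped)."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)

def _as_list(value):
    return value if isinstance(value, list) else [value]

def lint_export_setup(bucket_policy, kms_key_arn, bucket_region):
    """Return a list of findings; an empty list means none of the checks fired."""
    findings = []
    for text in [*_strings(bucket_policy), kms_key_arn]:
        if PLACEHOLDER.search(text):
            findings.append(f"placeholder not replaced: {text}")
    for stmt in _as_list(bucket_policy.get("Statement", [])):
        if "s3:PutObject" in _as_list(stmt.get("Action", [])):
            for res in _as_list(stmt.get("Resource", [])):
                if not res.endswith("/*"):
                    findings.append(f"PutObject resource is not an object ARN: {res}")
    # ARN layout: arn:partition:service:region:account:resource
    parts = kms_key_arn.split(":")
    if len(parts) >= 6 and parts[3] != bucket_region:
        findings.append(f"KMS key region {parts[3]} != bucket region {bucket_region}")
    return findings

# Constructed sample with three deliberate mistakes; not taken from the page.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "guardduty.amazonaws.com"},
        "Action": "s3:PutObject",
        "Resource": "arn:aws:s3:::example-findings-bucket",
        "Condition": {"StringEquals": {
            "aws:SourceArn": "arn:aws:guardduty:us-east-1:111122223333:detector/sourceDetectorId"}},
    }],
}
```

Load the real bucket policy with `json.load` and pass the KMS key ARN and the bucket's region; the check only covers the points raised in this thread and does not evaluate whether the policy grants every permission GuardDuty needs.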