AWS: Configuring CSPM audit
Forcepoint ONE SSE can scan AWS for configuration management to ensure the setting configuration is in compliance with frameworks such as CIS Benchmark.
Configuration does require you to setup API access into AWS. The Amazon S3: Configuring API access guide page will walk you through the ways for connecting Forcepoint ONE SSE to AWS via API. You will need an additional set of policies to enable Forcepoint ONE SSE to audit AWS for security configurations. Forcepoint ONE SSE recommends that you create a new policy for this and assign it to the IAM user or STS token that you are using for the API connection. Once you have followed the steps on this guide page to enable the auditing of AWS configurations you can review the results on the page.