Configuring IAM in Forcepoint ONE SSE

Once you have the AWS admin user's Access Key IDand Secret Access Key, go back to the Forcepoint ONE SSE portal and fill out the information on the Forcepoint ONE SSE Add AWS Tenant dialog and save.

You can now configure which Bucketsyou wish to gain visibility into and set the DLP Patterns. The AWS Tenant field is just any name you want in order to identify this setup for the specific AWS Tenant you are connecting to.



Note: You will notice that once you have configured the AWS tenant information inside of Forcepoint ONE SSE, you can no longer alter or change any of the fields: AWS Tenant, Access Key ID, and Secret Access Key fields (with the Secret Access Key being completely masked).
  1. You can choose to gain visibility into all buckets, specific buckets (Included), or ignore buckets (excluded).
  2. Select the Green Plus icon to add new fields to choose a bucket to include or exclude.
  3. Click the Green Plus icon to add new fields to choose specific DLP Patterns you want to monitor for. You can add as many as you want.


    Note: To configure API policies with the Forcepoint DLP data pattern, refer to Configuring FSM controlled policies for CASB and SWG channels.