Configuring policy with IAM user

When selecting IAM User, you will need to have the name of the AWS Tenant and an admin user's Access Key ID and Secret Access Key.

The Access Key ID can be found on the IAM page in the Amazon AWS console by following the instructions below, however, the Secret Access Key is only available at the time of creating a new user and cannot be viewed again on the console. That means if you do not have the Secret Access Key you will need to create a new user account.

You will also need to create a specific policy that will be assigned to the user to grant Forcepoint ONE SSE access to S3. Although you can create the policy after creating the user and then later assigning that policy to the user, it's easiest to create the policy first. This will allow you to either add the policy to an existing account (if you have the Secret Access Key) or assign the policy during the process of creating a new user.

Note: You cannot setup the cloud scanning for the same AWS account you setup previously using different sets of credentials.