In this scenario, a customer accidentally created a bucket and made it public without encryption. Our goal is to detect the bucket and fix its two main security misconfigurations.
It is very important that you complete chapter 5 of the workshop before starting this one, because you will need a Trend Micro Cloud One account that is integrated with your AWS account.
We will use the Conformity dashboard to search for the misconfigurations.
Here are the configurations that you should apply:
After you complete the configurations, click Filter Check again.
If the resources are not showing after you apply the Tag filter, you need to force a Run Conformity Bot from the main dashboard, as described here: Run Conformity Bot.
Locate the two Conformity checks that pertain to the misconfigurations of this scenario (S3 Bucket Public Access Via Policy and Server Side Encryption). Next to each, select Resolve, which will populate the step-by-step instructions for remediating these misconfigurations.
Selecting a Conformity check shows more details about the misconfiguration that was found. You will also get a direct link to the resource to help you review and fix it.
Click Resolve to open the Knowledge Base, where you will find the step-by-step instructions for remediating the misconfiguration found by Conformity.
After completing the remediation for these two use cases, you can return to the Conformity dashboard and click Run Conformity Bot to start a new process.
The default Conformity process for monitoring is hourly checks performed by the Conformity bot. You can also manually run the checks, or enable the real-time monitoring feature.
After a couple of minutes the Conformity Bot check will finish, and you can check whether the previous configurations now appear as Succeeded instead of Failed.
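To cross-check the two conditions of this scenario outside the dashboard, the following is an added example (not part of the workshop and not Conformity's own logic). It evaluates a bucket policy and an encryption configuration offline; the sample documents, bucket name, account ID and role name are constructed placeholders, and the function names are hypothetical.

```python
import json

# Constructed samples shaped like `aws s3api get-bucket-policy` (the Policy string)
# and `aws s3api get-bucket-encryption` output; names and IDs are placeholders.
PUBLIC_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-workshop-bucket/*"}]})
FIXED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "AppRead", "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-app-role"},
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-workshop-bucket/*"}]})
ENCRYPTION_OK = {"ServerSideEncryptionConfiguration": {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}}

def _is_wildcard(principal):
    """True when the principal is "*" or {"AWS": "*"} (string or list form)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False

def public_statements(policy_json):
    """Labels of Allow statements open to everyone with no Condition.
    Simplification: any Condition is treated as restricting access."""
    if not policy_json:
        return []
    stmts = json.loads(policy_json).get("Statement", [])
    stmts = [stmts] if isinstance(stmts, dict) else stmts
    return [s.get("Sid", f"statement[{i}]") for i, s in enumerate(stmts)
            if s.get("Effect") == "Allow" and _is_wildcard(s.get("Principal"))
            and not s.get("Condition")]

def default_encryption(enc):
    """SSE algorithm of the first default-encryption rule, or None."""
    rules = (enc or {}).get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    for rule in rules:
        algo = rule.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
        if algo:
            return algo
    return None

def audit(policy_json, enc):
    """Findings for the two misconfigurations covered in this scenario."""
    findings = [f"public access via policy: {sid}" for sid in public_statements(policy_json)]
    if default_encryption(enc) is None:
        findings.append("no default server-side encryption")
    return findings

if __name__ == "__main__":
    print(audit(PUBLIC_POLICY, None), audit(FIXED_POLICY, ENCRYPTION_OK))
```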