CSV via S3
The CSV via S3 context Integration method allows you to import Context Labels from a CSV format file stored in an AWS S3 storage bucket. This integration can be set to run manually or to auto-update at an interval you specify.
CSV File Format
The CSV must be a text file and should NOT have any headers.
Multiple labels can be assigned per context by having additional columns.
The format of the CSV file is ip,context,label1,label2,...
For example:
IP1, Context1, Label1
IP1, Context2, Label1, Label2
IP2, Context1, Label1
IP2, Context2, Label1, Label2, Label3
Netography Portal Steps
Navigate to Integrations (make sure you are on the Context tab) and click "Add Integration", then select CSV via S3
Configuration
The following fields are specific to the CSV via S3 integration.
| Field | Required | Description | Example |
|---|---|---|---|
Region | yes | Location of the Amazon Web Services | us‑east‑1 |
Bucket Name | yes | Name of the s3 bucket from which to pull the csv file | |
CSV File Path | yes | Path to the csv file to import labels from. |
Authentication
Netography Fusion can access your AWS account using one of two different methods:
- IAM user via an Access Key ID & Secret Access Key
- IAM Roles using a Custom Trust Policy created by Netography.
AWS Access Key
To configure access via Access Key/Secret, select the "Key/Secret" Authentication Type. The values for the ID and Secret are accessible in the AWS IAM console.
AWS IAM Roles
You can use an IAM role in Netography Fusion to access your Cloud Flow Logs for flow ingest or account data for the AWS Context Integration. To enable this, go to the portal and retrieve the AWS Account ID and External ID from your Account Settings. Navigate to the gear button on the top right to view your Account Settings to see the Overview tab as shown below:
In AWS, you will configure permissions using the Account ID grabbed from above to create the IAM Role. When configured, AWS creates the Amazon Resource Number (ARN) for the role. For more information in configuring the permissions to the Account ID, refer to the external ID guide.
The newly created ARN is required in order to configure IAM role access in the Netography Fusion portal.
Once the ARN has been created, the remaining steps are to toggle the Authentication Type to Role in your AWS
S3 configuration settings, input the AWS Account ID grabbed earlier from your Netography account settings, and the supply the ARN configured from AWS as shown below:
Updated 7 months ago