Environment

• Carbon Black Cloud Console: 0.51.0 backend and higher
• CBC Data Forwarder: All Versions
• Amazon Simple Storage Service (Amazon S3)

Symptoms

• "Your request was unsuccessful" error message appears during configuration of a new Data Forwarder

Cause

• Incorrect S3 bucket region
• Incorrect AWS policy
• Unsupported encryption of the AWS S3 bucket

Resolution

1. Check that the bucket was created in the correct region: List of supported AWS regions
2. Check that the bucket has the correct AWS policy, which grants Carbon Black Cloud the ability to write objects to the bucket
   1. A sample policy can be found here: Configure the Bucket Policy to Allow Access
   2. The most common issues are:
      1. The bucket policy was never applied
      2. The bucket policy does not have the correct Principal ID in the Statement -> Principal -> AWS field. A table of Principal IDs is available in the documentation linked above.
      3. The bucket policy doesn't specify the correct bucket name under "Resource" or is missing a wildcard after the bucket name or prefix
3. Check that the bucket isn't using unsupported encryption
   1. Carbon Black Cloud does not currently support KMS encrypted buckets, only AWS managed encryption

Related Content