From 532a3c65a020b857db03e32dddc87cf427f963b0 Mon Sep 17 00:00:00 2001 From: AWSHurneyt Date: Thu, 26 Sep 2024 10:47:42 -0700 Subject: [PATCH] Adjusted wording based on suggestions. Signed-off-by: AWSHurneyt --- .../threat-intelligence/getting-started.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/_security-analytics/threat-intelligence/getting-started.md b/_security-analytics/threat-intelligence/getting-started.md index e80d06a8a9..e7968bf68e 100644 --- a/_security-analytics/threat-intelligence/getting-started.md +++ b/_security-analytics/threat-intelligence/getting-started.md @@ -50,7 +50,7 @@ Local files uploaded as the threat intelligence source must use the following sp When using the `S3_SOURCE` as a remote store, the following connection information must be provided: -- **IAM Role ARN**: The Amazon Resource Name (ARN) for an AWS Identity and Access Management (IAM) role. Please note that, when using AWS OpenSearch Service, this role ARN needs to be in the same account as the OpenSearch domain. E.g., +- **IAM Role ARN**: The Amazon Resource Name (ARN) for an AWS Identity and Access Management (IAM) role. Note that, when using AWS OpenSearch Service, this role ARN needs to be in the same account as the OpenSearch domain. E.g., 1. Create a new role with a custom trust policy. The following example trust policy adds OpenSearch as a trusted entity. ```azure { @@ -70,7 +70,7 @@ When using the `S3_SOURCE` as a remote store, the following connection informati ``` 2. Click the Next button to progress to the Permissions policies page, and add the `AmazonS3ReadOnlyAccess` permission. 3. Finish creation of the new role on the following page by providing a name, and description. -- **S3 bucket directory**: The name of the Amazon Simple Storage Service (Amazon S3) bucket in which the `STIX2` file is stored. To access an S3 bucket in a different AWS account, [see below](#configuring-cross-account-s3-bucket-connection). +- **S3 bucket directory**: The name of the Amazon Simple Storage Service (Amazon S3) bucket in which the `STIX2` file is stored. To access an S3 bucket in a different AWS account, see the [Configuring cross-account S3 bucket connection](#configuring-cross-account-s3-bucket-connection) section for more details. - **Specify a file**: The object key for the `STIX2` file in the S3 bucket. - **Region**: The AWS Region for the S3 bucket. @@ -79,9 +79,9 @@ You can also set the **Download schedule**, which determines to where OpenSearch Alternatively, you can check the **Download on demand** option, which prevents new data from the bucket from being automatically downloaded. ### Configuring cross-account S3 bucket connection -As mentioned [above](#s3_source-connection-information), the role ARN needs to be in the same account as the OpenSearch domain. The example trust policy in that step will allow the OpenSearch domain to download from S3 buckets within that same account. +As mentioned in the [S3_SOURCE connection information](#s3_source-connection-information) section, the role ARN needs to be in the same account as the OpenSearch domain. The example trust policy in that step will allow the OpenSearch domain to download from S3 buckets within that same account. -To download from an S3 bucket in another account, please note that the trust policy for that bucket needs to give your role ARN permission to read from the object. E.g., +To download from an S3 bucket in another account, note that the trust policy for that bucket needs to give your role ARN permission to read from the object. E.g., ```azure { "Version": "2012-10-17",