S3

Experimental

Creates:

Assets

Configure in the UI

This plugin can be configured directly in the Marmot UI with a step-by-step wizard.

The S3 plugin discovers and catalogs Amazon S3 buckets across your AWS accounts. It captures bucket metadata including security configurations, lifecycle policies, encryption settings, and tags.

Required Permissions

Example Configuration

credentials:
  region: "us-east-1" 
  id: "<aws-secret-id>"
  secret: "<aws-secret-key>"
tags:
  - "s3"

Configuration

The following configuration options are available:

Property	Type	Required	Description
credentials	AWSCredentials	false	AWS credentials configuration
external_links	[]ExternalLink	false	External links to show on all assets
filter	Filter	false	Filter patterns for AWS resources
include_tags	[]string	false	List of AWS tags to include as metadata. By default, all tags are included.
tags	TagsConfig	false	Tags to apply to discovered assets
tags_to_metadata	bool	false	Convert AWS tags to Marmot metadata

Available Metadata

The following metadata fields are available:

Field	Type	Description
accelerate_config	string	Transfer acceleration configuration
bucket_arn	string	The ARN of the S3 bucket
creation_date	string	When the bucket was created
encryption	string	Bucket encryption configuration
lifecycle_config	string	Bucket lifecycle configuration
logging_config	string	Bucket access logging configuration
notification_config	string	Bucket notification configuration
public_access_block	string	Public access block configuration
region	string	The AWS region where the bucket is located
replication_config	string	Bucket replication configuration
request_payment_config	string	Request payment configuration
tags	map[string]string	AWS resource tags
versioning	string	Bucket versioning status
website_config	string	Static website hosting configuration

Configure in the UI

Required Permissions​

Example Configuration​

Configuration​

Available Metadata​

Required Permissions

Example Configuration

Configuration

Available Metadata