tweak

yelevin · yelevin · commit 753e099b049d · 2024-01-31T21:40:38.000+02:00
diff --git a/articles/sentinel/connect-aws.md b/articles/sentinel/connect-aws.md
@@ -213,9 +213,9 @@ The following instructions apply for public **Azure Commercial clouds** only. Fo
    | **Name** | Example: "*MicrosoftSentinelRole*". | Choose a meaningful name that includes a reference to Microsoft Sentinel. |
 
 
-1. Edit the new role's trust policy and add another condition: `"sts:RoleSessionName": "MicrosoftSentinel_{WORKSPACE_ID)"`
+1. Edit the new role's trust policy and add another condition:<br>`"sts:RoleSessionName": "MicrosoftSentinel_{WORKSPACE_ID)"`
 
-   The trust policy should look like this:
+   The finished trust policy should look like this:
 
    ```json
    {
@@ -224,20 +224,24 @@ The following instructions apply for public **Azure Commercial clouds** only. Fo
        {
          "Effect": "Allow",
          "Principal": {
-           "Federated": "arn:aws:iam::123456789000:oidc-provider/sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/"
+           "Federated": "arn:aws:iam::XXXXXXXXXXXX:oidc-provider/sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/"
          },
          "Action": "sts:AssumeRoleWithWebIdentity",
          "Condition": {
            "StringEquals": {
              "sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/:aud": "api://d4230588-5f84-4281-a9c7-2c15194b28f7",
-             "sts:RoleSessionName": "MicrosoftSentinel_12341234-abab-cdcd-efef-567890567890"
+             "sts:RoleSessionName": "MicrosoftSentinel_XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
            }
          }
        }
      ]
    }
    ```
-   Update the policy when you're done editing.
+
+   - `XXXXXXXXXXXX` is your AWS Account ID.
+   - `XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX` is your Microsoft Sentinel workspace ID.
+
+   Update (save) the policy when you're done editing.
 
 ### Add the AWS role and queue information to the S3 data connector
 

Original file line number	Diff line number	Diff line change
`@@ -213,9 +213,9 @@ The following instructions apply for public Azure Commercial clouds only. Fo`
`213`	`213`	`\| Name \| Example: "MicrosoftSentinelRole". \| Choose a meaningful name that includes a reference to Microsoft Sentinel. \|`
`214`	`214`
`215`	`215`
`216`		-1. Edit the new role's trust policy and add another condition: `"sts:RoleSessionName": "MicrosoftSentinel_{WORKSPACE_ID)"`
	`216`	+1. Edit the new role's trust policy and add another condition:<br>`"sts:RoleSessionName": "MicrosoftSentinel_{WORKSPACE_ID)"`
`217`	`217`
`218`		`- The trust policy should look like this:`
	`218`	`+ The finished trust policy should look like this:`
`219`	`219`
`220`	`220`	```json
`221`	`221`	`{`
`@@ -224,20 +224,24 @@ The following instructions apply for public Azure Commercial clouds only. Fo`
`224`	`224`	`{`
`225`	`225`	`"Effect": "Allow",`
`226`	`226`	`"Principal": {`
`227`		`- "Federated": "arn:aws:iam::123456789000:oidc-provider/sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/"`
	`227`	`+ "Federated": "arn:aws:iam::XXXXXXXXXXXX:oidc-provider/sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/"`
`228`	`228`	`},`
`229`	`229`	`"Action": "sts:AssumeRoleWithWebIdentity",`
`230`	`230`	`"Condition": {`
`231`	`231`	`"StringEquals": {`
`232`	`232`	`"sts.windows.net/cab8a31a-1906-4287-a0d8-4eef66b95f6e/:aud": "api://d4230588-5f84-4281-a9c7-2c15194b28f7",`
`233`		`- "sts:RoleSessionName": "MicrosoftSentinel_12341234-abab-cdcd-efef-567890567890"`
	`233`	`+ "sts:RoleSessionName": "MicrosoftSentinel_XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"`
`234`	`234`	`}`
`235`	`235`	`}`
`236`	`236`	`}`
`237`	`237`	`]`
`238`	`238`	`}`
`239`	`239`	```
`240`		`- Update the policy when you're done editing.`
	`240`	`+`
	`241`	+ - `XXXXXXXXXXXX` is your AWS Account ID.
	`242`	+ - `XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX` is your Microsoft Sentinel workspace ID.
	`243`	`+`
	`244`	`+ Update (save) the policy when you're done editing.`
`241`	`245`
`242`	`246`	`### Add the AWS role and queue information to the S3 data connector`
`243`	`247`