Netskope Global Technical Success (GTS)
KB - Netskope Alerts and Events Streaming RBACv3
Netskope Cloud Version - 130
Objective
This document aims to help customers on the Service Account (RBACv3) creation with the needed API V2 endpoints for the Netskope events and alerts.
Requirements
Netskope CASB Inline/SWG license is required
Configuration
Option #1: Predefined Role usage (Recommended)
Currently Netskope offers a predefined role for cloud exchange integration: “Netskope Cloud Exchange”. This role includes all the API endpoints needed for Cloud Exchange deployments that have all the four modules enabled (Ref. Cloud Exchange Module Descriptions). In case your deployment is based on Log shipper module only, we suggest defining a custom ad-hoc role with the needed API endpoints only. Custom role creation instructions can be found in the Option #2 section. If you prefer to keep Predefined role maintained by Netskope, please jump to Step #2.
Option #2: Custom Role Creation
Path: Netskope Tenant UI >>> Settings >>> Administration >>> Administrators & Roles >>> Roles
Start to create a new role. This role will be applied to the Service account used for the events and alerts sent.
Select the Functional Areas "Access Control", "Administration", and "DLP" as highlighted below
Assign the following Functions with "View" permission
| ⚠️All other functions not mentioned above must be disabled by selecting "None" permission as shown below NOTE: When saving the role, all functional areas will be enabled to "none" |
Step #2 - Service account creation
Path: Netskope Tenant UI >>> Settings >>> Administration >>> Administrators & Roles >>> Administrators
Create a service account
Assign the newly created role and define the expiration in the highlighted areas below
Copy the API token and then confirm creation
Terms and Conditions
- All documented information is tested and verified to ensure accuracy.
- In the future, application functionalities may be modified by the vendor. Should we become aware of such changes, we will promptly update the documentation accordingly.
Notes
- This article is produced by the Netskope Global Technical Success (GTS) team.
- For any further inquiries related to this article, please contact the Netskope GTS team by opening a support case with "Case Type – How To Questions".
