Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Device Configuration: AWS Permissions needed for getting logs from S3 Bucket
Overview
This document will help you with the steps to ingest the Device Configuration: AWS Permissions needed for getting logs from S3 Bucket.
Prerequisite
In order to get logs from a S3 bucket, we require below access from customer end:
"s3:ListBucket" - Lists all the logs in a bucket, allowing us to keep track of which ones have already been ingested.
"s3:GetObject" - Allows us to download the logs from the bucket
Sample Steps
Sample IAM policy (Only for reference)
To Archive data using S3 bucket we need to fill following details.
Important note
Note that the ListBucket permission is set to the entire bucket and the GetObject permission ends with a /* suffix, so we can get files in subdirectories
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>/*"
]
}
]
}
Seceon Inc. All rights reserved. https://www.seceon.com