Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Device Configuration: AWS Permissions needed for getting logs from S3 Bucket

Owned by Customer Success & Engineering
Last updated: May 05, 2023
2 min read

Overview

This document will help you with the steps to ingest the Device Configuration: AWS Permissions needed for getting logs from S3 Bucket.

Prerequisite

In order to get logs from a S3 bucket, we require below access from customer end:

  1. "s3:ListBucket" - Lists all the logs in a bucket, allowing us to keep track of which ones have already been ingested.

  2. "s3:GetObject" - Allows us to download the logs from the bucket

Sample Steps

 

Sample IAM policy (Only for reference)

To Archive data using S3 bucket we need to fill following details.

 

Important note

  • Note that the ListBucket permission is set to the entire bucket and the GetObject permission ends with a /* suffix, so we can get files in subdirectories

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::<BUCKET_NAME>" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::<BUCKET_NAME>/*" ] } ] }

 

Seceon Inc. All rights reserved. https://www.seceon.com