Versions Compared

Version Old Version 3 New Version 4
Changes made by

KS

KS

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

9. Type or paste below JSON policy. Make sure you are replacing the resource name. 

Expand
titleIncase of S3 Bucket
Code Block
{
"Effect": "Allow",
"Action": ["s3:ListBucket","s3:GetObject"],
"Resource": ["arn:aws:s3:::bucketname", "arn:aws:s3:::bucketname/*"],
"Condition": {}
}

Expand
titleIn case of CloudWatch log groups
Code Block
{
"Effect": "Allow",
"Action": [
"logs:describeLogGroups",
"logs:describeLogStreams",
"logs:filterLogEvents",
"logs:getLogEvents"
],
"Resource": [
"arn:aws:logs:region:accountID:log-group:specificLogGroupName"
]
}

Expand
titleIn case of SQS

Code Block
{
“Action”: [
“sqs:GetQueueAttributes”,
“sqs:GetQueueUrl”,
“sqs:ReceiveMessage”,
“sqs:DeleteMessage”,
“sqs:ListQueues"
],
“Effect”: “Allow”,
“Resource”: “arn:aws:sqs:region:accountID:SQSName”
}

Note: In the case of SQS make sure you are creating and attaching the SQS policy as well as the S3 policy to the rule.

10. Click Next: Tags at the bottom.

11. Add a tag to the policy (Optional)

12. Click Next: Review

13. Give appropriate name to policy, review it, and Click Create policy.

14. Search the same policy name into the Search text box under Attach permissions policies and select it and Click Next: Tags

...

...

15.Add tag to the role (Optional)

16. Give appropriate name to the Role, review it, and Click Create role.

17. Go back to AWS Management Console.

18. Open the EC2 Dashboard.

19. Go to Instances (running) if the LCP machine is running or else go to Instances, search for LCP instance and start it.

20. Select an LCP instance, go to

...

Actions → Security →  Modify IAM role

...

21. Search for the IAM role that you have created earlier and click Save.

...

22.  Go to the LCP UI and configure the appropriate collector using below sensor configuration

...