diff --git a/docs/user-guide/admin/give-aws-access-with-iam-roles.md b/docs/user-guide/admin/give-aws-access-with-iam-roles.md index c6cc691c..f058b78f 100644 --- a/docs/user-guide/admin/give-aws-access-with-iam-roles.md +++ b/docs/user-guide/admin/give-aws-access-with-iam-roles.md @@ -60,27 +60,29 @@ To do this, add the following to your IAM policy: Note that the ListBucket permission is set to the entire bucket and the GetObject permission ends with a /* suffix, so we can get files in subdirectories. ::: -### Create a Logz.io-AWS connector +### Create a Logz.io-AWS Connector for Archive Setup -In your Logz.io app, go to the **Integration hub** and select the relevant AWS resource. +1. In your Logz.io app, go to the **Integration hub** and select the relevant AWS resource. -Inside the integration, click **+ Add a bucket** and select the option to **Authenticate with a role** +2. Inside the integration, click **+ Add a bucket** and select the option to **Authenticate with a role**. -![Connect Logz.io to an AWS resource](https://dytvr9ot2sszz.cloudfront.net/logz-docs/log-shipping/s3-bucket-id-dec.png) +3. Copy and paste the **Account ID** and the **External ID** into your text editor. -Copy and paste the **Account ID** and the **External ID** in your text editor. +4. Fill in the form to create a new connector: + - Enter the **S3 bucket name**. + - Enter the **Prefix** where your logs are stored, if applicable. -Fill in the form to create a new connector. +5. Click **Get the role policy**. + - Review the role policy to confirm the required permissions. + - Paste the policy into your text editor. -Enter the **S3 bucket name** and, if needed, -the **Prefix** where your logs are stored. +6. Follow the role creation process using the information from the role policy. -Click **Get the role policy**. -You can review the role policy to confirm the permissions that will be needed. -Paste the policy in your text editor. +7. Once the role is created, paste the resulting **Role ARN** within the Archive setup in Logz.io. Keep this information available so you can use it in AWS. + ### Create the policy in AWS Navigate to [IAM policies](https://us-east-1.console.aws.amazon.com/iam/home#/policies) and click **Create policy**.