Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DOC-868 #514

Merged
merged 2 commits into from
Aug 21, 2024
Merged

DOC-868 #514

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c76b3d6
DOC-868
May 19, 2024
e6e3d5f
Merge branch 'master' into DOC-868
Simplychee Aug 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 13 additions & 11 deletions docs/user-guide/admin/give-aws-access-with-iam-roles.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,27 +60,29 @@ To do this, add the following to your IAM policy:
Note that the ListBucket permission is set to the entire bucket and the GetObject permission ends with a /* suffix, so we can get files in subdirectories.
:::

### Create a Logz.io-AWS connector
### Create a Logz.io-AWS Connector for Archive Setup

In your Logz.io app, go to the **Integration hub** and select the relevant AWS resource.
1. In your Logz.io app, go to the **Integration hub** and select the relevant AWS resource.

Inside the integration, click **+ Add a bucket** and select the option to **Authenticate with a role**
2. Inside the integration, click **+ Add a bucket** and select the option to **Authenticate with a role**.

![Connect Logz.io to an AWS resource](https://dytvr9ot2sszz.cloudfront.net/logz-docs/log-shipping/s3-bucket-id-dec.png)
3. Copy and paste the **Account ID** and the **External ID** into your text editor.

Copy and paste the **Account ID** and the **External ID** in your text editor.
4. Fill in the form to create a new connector:
- Enter the **S3 bucket name**.
- Enter the **Prefix** where your logs are stored, if applicable.

Fill in the form to create a new connector.
5. Click **Get the role policy**.
- Review the role policy to confirm the required permissions.
- Paste the policy into your text editor.

Enter the **S3 bucket name** and, if needed,
the **Prefix** where your logs are stored.
6. Follow the role creation process using the information from the role policy.

Click **Get the role policy**.
You can review the role policy to confirm the permissions that will be needed.
Paste the policy in your text editor.
7. Once the role is created, paste the resulting **Role ARN** within the Archive setup in Logz.io.

Keep this information available so you can use it in AWS.


### Create the policy in AWS

Navigate to [IAM policies](https://us-east-1.console.aws.amazon.com/iam/home#/policies) and click **Create policy**.
Expand Down