AWS IAM ROLE PERMISSION

    Follow these steps to create an IAM role with the permissions required to access AWS flow logs, CloudWatch, and EC2 instances through NFA:

    1. Create IAM Role:
      • Go to IAM - Roles - Create Role.
      • Select "AWS service" as the trusted entity.
      • Select "EC2" in the service or use case.
      • Click "Next" multiple times.
      • Provide a role name of your choice.
      • Click "Create."
    2. Select the created role:
      • In permission policies, select "Create inline policy" from the "Add permission" option.
      • Choose the JSON option.
      • Copy the following JSON into the policy editor:

        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Sid": "VisualEditor0",
              "Effect": "Allow",
              "Action": [
                "ec2:DeleteFlowLogs",
                "logs:CreateLogStream",
                "logs:DescribeLogGroups",
                "ec2:CreateFlowLogs",
                "logs:DescribeLogStreams",
                "ec2:DescribeFlowLogs",
                "ec2:*",
                "logs:CreateLogGroup",
                "logs:PutLogEvents"
              ],
              "Resource": "*"
            }
          ]
        }

      • Click "Next" and save changes.
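
The inline policy above allows `ec2:*` on `"Resource": "*"`, which already covers the three flow-log actions listed beside it and every other EC2 action. The following Python check is an added example, not part of the original page or the vendor's tooling; it reports wildcard actions, the explicit actions they make redundant, and statements open to all resources (the function name `audit` is an assumption of this example).

```python
import json
from fnmatch import fnmatchcase

# The inline policy from step 2, embedded so the check runs offline.
POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Sid": "VisualEditor0", "Effect": "Allow",
   "Action": ["ec2:DeleteFlowLogs", "logs:CreateLogStream",
              "logs:DescribeLogGroups", "ec2:CreateFlowLogs",
              "logs:DescribeLogStreams", "ec2:DescribeFlowLogs",
              "ec2:*", "logs:CreateLogGroup", "logs:PutLogEvents"],
   "Resource": "*"}]}
""")

def as_list(value):
    """IAM allows a single string or a list for Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]

def audit(policy):
    """Return (wildcard_actions, shadowed_actions, open_resource_sids)."""
    wildcards, shadowed, open_sids = [], {}, []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive, so compare in lower case.
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        patterns = [a for a in actions if "*" in a or "?" in a]
        wildcards += patterns
        for action in actions:
            for pattern in patterns:
                # An explicit action matched by a wildcard adds nothing.
                if action != pattern and fnmatchcase(action, pattern):
                    shadowed.setdefault(pattern, []).append(action)
        if "*" in as_list(stmt.get("Resource", [])):
            open_sids.append(stmt.get("Sid", "<no Sid>"))
    return wildcards, shadowed, open_sids

if __name__ == "__main__":
    wildcards, shadowed, open_sids = audit(POLICY)
    for pattern in wildcards:
        print(f"wildcard action: {pattern}")
        for action in shadowed.get(pattern, []):
            print(f"  makes redundant: {action}")
    for sid in open_sids:
        print(f"statement {sid} applies to every resource")
```

Run it against any policy document before attaching it to the role to see how much of the grant comes from wildcards rather than from the actions named individually.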
