The roles and permissions detailed below are required by the AWS services listed, on which your AWS Sensor relies.
During deployment, the AWS CloudFormation template provided by AT&T Cybersecurity automatically manages and assigns these as needed by your sensor.
The following table shows the IAM roles and permissions required by your AWS Sensor.
Warning: The sensor's capacity to extract the information will be endangered if you disable the below services. The sensor won't have permission to perform the disabled function.
Prerequisites | Description |
---|---|
Amazon CloudWatch |
|
AWS CloudTrail |
|
AWS Elastic Load Balancing (ELB) |
|
Amazon Simple Storage Service (S3) |
|
Amazon EC2 |
|
AWS IAM |
|
Amazon GuardDuty |
|
Amazon Relational Database Service (RDS) |
|