Using keys
- Prerequisites: Have your AWS credentials ready, including access key and secret access key, with permissions to access.
- Configuring DrDroid: In the DrDroid platform, navigate to Integrations > CloudWatch. Enter your AWS access key ID, secret access key, and specify the region your CloudWatch logs are stored in.
- Testing the Integration: Test the integration.
Note: For security reasons, some teams prefer to create a new user with access attached to these permissions.
Steps to create a new user:
Step 1: Create a new user in your CloudWatch
Go to this link within your AWS account IAM and create a new user.
Step 2: Attach one policy of CloudWatchReadOnlyAccess to the user.
You don’t need to add any group to the user.
Step 3: Once the user is created, create an access key by going to “Security Credentials”.
Step 4: Select “Third-party service” or “Application running on an AWS compute service” while creating the key.
Step 5: Copy paste the access key and secret key in Integrations page.
Using AssumeRole](/docs/with-assumerole)
To connect using AssumeRole, we recommend setting up a call with our team as it requires multiple to & fro.
- Share your AWS Account Number with Doctor Droid team.
- Create a new role in your account with the following Trust Policy. ({{Role_ARN}} to be shared by Doctor Droid team)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::{{Role_ARN}}"
},
"Action": "sts:AssumeRole"
}
]
}
- Attach the following Policy to the role:
PolicyName: CloudWatchReadOnlyAccessPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- 'cloudwatch:Describe*'
- 'cloudwatch:Get*'
- 'cloudwatch:List*'
- 'logs:Get*'
- 'logs:Describe*'
- 'logs:List*'
- 'logs:StartQuery'
- 'logs:StopQuery'
- 'logs:GetQueryResults'
- 'logs:FilterLogEvents'
Resource: '*'
- Share the ARN of the role created with Doctor Droid team.
Responses are generated using AI and may contain mistakes.