File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed
Monitoring/ingest_nas_audit_logs_into_cloudwatch Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change @@ -29,11 +29,11 @@ systems that you want to ingest the audit logs from.
2929- You have created a role with the necessary permissions to allow the Lambda function to do the following:
3030
3131<table >
32- <tr ><th >Service</td ><td >Actions</td ></ td >Resources</td ></tr >
32+ <tr ><th >Service</td ><td >Actions</td ><td >Resources</td ></tr >
3333<tr ><td >fsx</td ><td >fsx:DescribeFileSystems</td ><td >*</td ></tr >
3434<tr ><td rowspan =" 3 " >ec2</td ><td >DescribeNetworkInterfaces</td ><td >*</td ></tr >
35- <tr ><td >CreateNetworkInterface</td ><td >arn:aws:ec2:*:\< accountID > :*</td ></tr >
36- <tr ><td >DeleteNetworkInterface</td ><td >arn:aws:ec2:*:\< accountID > :*</td ></tr >
35+ <tr ><td >CreateNetworkInterface</td ><td >arn:aws:ec2:*:& lt ; & gt ; td ></tr >
36+ <tr ><td >DeleteNetworkInterface</td ><td >arn:aws:ec2:*:& lt ; & gt ; td ></tr >
3737<tr ><td rowspan =" 2 " >logs</td ><td >CreateLogStream </td ><td > arn:aws:logs:\<region >:\<accountID >:log-group:\<logGroupName >:* </td ></tr >
3838<tr ><td >PutLogEvents </td ><td > arn:aws:logs:\<region >:\<accountID >:log-group:\<logGroupName >:* </td ></tr >
3939<tr ><td rowspan =" 3 " > s3 </td ><td > ListBucket </td ><td > arn:aws:s3:\<region >:\<accountID >:* </td ></tr >
You can’t perform that action at this time.
0 commit comments