CSOAR-3365: added IAM info

Author: mahendrak-sumo

docs/platform-services/automation-service/app-central/integrations/aws-cloudtrail.md

@@ -39,6 +39,7 @@ import IntegrationEngine from '../../../../reuse/automation-service/integration-
 import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
 import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
 import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/iam-configuration.md';
 
 <IntegrationsAuth/>
 
@@ -56,6 +57,8 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
 
 <IntegrationsAuthAWS/>
 
+<IAMConfiguration/>
+
 For information about AWS CloudTrail, see [CloudTrail documentation](https://docs.aws.amazon.com/cloudtrail/).
 
 ## Change Log

docs/platform-services/automation-service/app-central/integrations/aws-route53.md

@@ -37,6 +37,7 @@ import IntegrationEngine from '../../../../reuse/automation-service/integration-
 import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
 import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
 import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/iam-configuration.md';
 
 <IntegrationsAuth/>
 
@@ -53,6 +54,8 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
 
 <IntegrationsAuthAWS/>
 
+<IAMConfiguration/>
+
 For information about AWS Route 53, see [Route 53 documentation](https://docs.aws.amazon.com/route53/).
 
 ## Change Log

docs/platform-services/automation-service/app-central/integrations/aws-s3.md

@@ -41,6 +41,7 @@ import IntegrationEngine from '../../../../reuse/automation-service/integration-
 import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
 import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
 import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/iam-configuration.md';
 
 <IntegrationsAuth/>
 
@@ -57,6 +58,8 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
 
 <IntegrationsAuthAWS/>
 
+<IAMConfiguration/>
+
 ## Change Log
 
 * October 3, 2019 - First upload

docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service.md

@@ -34,6 +34,7 @@ import IntegrationEngine from '../../../../reuse/automation-service/integration-
 import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
 import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
 import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/iam-configuration.md';
 
 <IntegrationsAuth/>
 
@@ -51,6 +52,8 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
 
 <IntegrationsAuthAWS/>
 
+<IAMConfiguration/>
+
 For information about Amazon Simple Notification Service, see [Amazon Simple Notification Service documentation](https://docs.aws.amazon.com/sns/).
 
 ## External Libraries

docs/platform-services/automation-service/app-central/integrations/aws-sqs.md

@@ -37,6 +37,7 @@ import IntegrationEngine from '../../../../reuse/automation-service/integration-
 import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
 import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
 import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/iam-configuration.md';
 
 <IntegrationsAuth/>
 
@@ -52,6 +53,8 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
 
 <IntegrationsAuthAWS/>
 
+<IAMConfiguration/>
+
 For information about AWS SQS, see [SQS documentation](https://docs.aws.amazon.com/sqs/).
 
 ## Change Log

docs/reuse/automation-service/aws/iam-configuration.md

@@ -0,0 +1,26 @@
+### AWS IAM Role-Based Access Guide
+
+To enable AWS IAM Role-based authentication without sharing their Access/Secret keys, follow the steps below.
+
+---
+
+#### Customer-Side Configuration
+
+1. **Create an IAM Role** in AWS account.
+2. **Attach Required Policies** to the role depending on the AWS services they want to allow access to (e.g., `AmazonEC2ReadOnlyAccess`, `AWSWAFFullAccess`, etc.).
+3. **Update the Trust Policy** to allow your product's AWS account to assume this role.
+
+   Example Trust Policy:
+   ```json
+   {
+     "Version": "2012-10-17",
+     "Statement": [
+       {
+         "Effect": "Allow",
+         "Principal": {
+           "AWS": "arn:aws:iam::<sumo-account-id>:root"
+         },
+         "Action": "sts:AssumeRole"
+       }
+     ]
+   }