Merge pull request #2312 from splunk/urbiz-OD6457-aws-ts-improve

[6457]: AWS TS permission improvements

Author: aurbiztondo-splunk

gdi/get-data-in/connect/aws/aws-prereqs.rst

@@ -412,7 +412,7 @@ Read more at the official AWS documentation:
 
 * :new-page:`AWS Organization Service Control Policies <https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html>`
 * :new-page:`Permissions boundaries for IAM entities <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html>`
-* :new-page:`Troubleshooting IAM permission access denied or unauthorized errors <https://web.archive.org/web/20231129090004/https://repost.aws/knowledge-center/troubleshoot-iam-permission-errors>`
+* :new-page:`Troubleshooting IAM permission access denied or unauthorized errors <https://repost.aws/knowledge-center/troubleshoot-iam-permission-errors>`
 
 .. _aws-regions:
 

gdi/get-data-in/connect/aws/aws-troubleshooting.rst

@@ -18,22 +18,22 @@ If issues persist, you can also contact :ref:`support`.
 Error validating your AWS connection
 =========================================
 
-The automatic attempt to validate a connection that you just configured fails, so there is no connection between Splunk Observability Cloud and your AWS account.
+The automatic attempt to validate a connection that you just configured fails, so there is no connection between Splunk Observability Cloud and your AWS account. This can include failed API calls with ``400`` error codes.
 
 Cause
 ^^^^^^
 
-The connection might fail due to invalid Identity Access Management (IAM) policy used by your AWS integration.
+The connection might fail due to your AWS integration using invalid Identity Access Management (IAM) policies, or missing some of the required permissions. 
 
-If you use the AWS Organizations' :new-page:`Service control policies <https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html>` or :new-page:`Permission boundaries for IAM entities <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html>`, they 
+If you use AWS Organizations' :new-page:`Service control policies <https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html>` or :new-page:`Permission boundaries for IAM entities <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html>`, they 
 might impact the AWS IAM policy you're using to connect to Splunk Observability Cloud. 
 
 Solution
 ^^^^^^^^^
 
-Ensure all :ref:`aws-required-permissions` are included in your IAM policy.
+Make sure to include all the required policies to connect your AWS account to Splunk Observability Cloud, as described in :ref:`aws-required-permissions`. Note that required permissions depend on your connection method (polling or Metric Streams), and that tag collection requires specific permissions.
 
-Also review the AWS Organizations' policies and boundaries you're using.
+You also need to review the AWS Organizations' policies and boundaries you're using.
 
 .. _aws-ts-cloud: