Hi!
Trying to set up the AWS Cloudtrail integration with elastic-agent/fleet.
The integration is able to pull the SQS messages, but then it says "Failed processing SQS message.
AWS Permissions:
And it doesn't create any data streams or logs so far.
Any idea or suggestion is welcomed.
Thanks
Hi Merdesz, I am having the same issue.
We were able to get it work when the S3 buckets and SQS queues were in the same account. Now we are trying to access them from a different account and have this issue despite throwing every permission we can think of at it.
Are your SQS and S3 resources in the same account as the IAM principal you are using to access them from Elastic?
Thanks
Hi tdiddy!
Turned out AWS cloud engineer did not added all of the required permissions, fixed with adding everything then turning off the un needed ones one-by-one.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
