Trying to set up the AWS Cloudtrail integration with elastic-agent/fleet.
The integration is able to pull the SQS messages, but then it says "Failed processing SQS message.
We were able to get it work when the S3 buckets and SQS queues were in the same account. Now we are trying to access them from a different account and have this issue despite throwing every permission we can think of at it.
Are your SQS and S3 resources in the same account as the IAM principal you are using to access them from Elastic?
Turned out AWS cloud engineer did not added all of the required permissions, fixed with adding everything then turning off the un needed ones one-by-one.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.