Filebeat 403 error to SQS

Following the document from elastic blog, S3 log to Elastic using filebeat and SQS, i keep getting error
2021-04-03T13:45:04.022Z ERROR [] awss3/collector.go:101 SQS ReceiveMessageRequest failed: AccessDenied: Access to the resource is denied.

`status code: 403, request id: 4d205118-6b7e-545d-96f0-09fa18e103cd {"queue_url": "", "region": "us-east-1"}`

ANy suggestion what policy is missing in the doc(blog)

Sorry the blog post is not up-to-date. Could you try adding these permissions please? AWS S3 input | Filebeat Reference [7.12] | Elastic

I did try adding the permission yet see the 403 error. Any other debug command i can put on filebeat to verify what it is missing.

thanks for pointing out the permission, added them.

i was able to resolve it. It was AWS KMS issue.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.