IAM permissions required for Functionbeat

mudricd · May 27, 2020, 12:51am

Hi,

I followed Functionbeat reference to deploy a function that collects events from CloudWatch Logs and forwards the events to Elasticsearch.

I am aware of IAM permissions required for Functionbeat deployment but I am not able to create that IAM role due to some company security restrictions. The arguable actions from recommended role are:

iam:CreateRole
iam:DeleteRole
iam:DeleteRolePolicy

My cloud team advise to investigate what those roles are that Functionbeat needs to create and delete and then to set up that permissions over our internal "IAM manager".

Could you please advise if this is doable?

Cheers,
Dragan

system · June 16, 2020, 2:51pm

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Why does functionbeat for AWS need to be able to make Cloudformation actions? Beats functionbeat	2	372	January 13, 2021
Several Functionbeat Questions Beats functionbeat	1	446	May 8, 2019
Need help figuring out AWS role for functionbeat Beats functionbeat	3	367	February 15, 2021
AWS Network and IAM Roles configuration Beats functionbeat	3	640	April 4, 2019
Configuring Functionbeat with AWS VPC information for self-hosted ELK Beats functionbeat	9	2181	May 26, 2019

IAM permissions required for Functionbeat

Related topics