IAM permissions required for Functionbeat

Hi,

I followed Functionbeat reference to deploy a function that collects events from CloudWatch Logs and forwards the events to Elasticsearch.

I am aware of IAM permissions required for Functionbeat deployment but I am not able to create that IAM role due to some company security restrictions. The arguable actions from recommended role are:

iam:CreateRole
iam:DeleteRole
iam:DeleteRolePolicy

My cloud team advise to investigate what those roles are that Functionbeat needs to create and delete and then to set up that permissions over our internal "IAM manager".

Could you please advise if this is doable?

Cheers,
Dragan

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.