Skip to content

[AWS docs] Add required permissions for Custom AWS Logs#11891

Merged
alaudazzi merged 0 commit intomainfrom
fix-11603
Nov 29, 2024
Merged

[AWS docs] Add required permissions for Custom AWS Logs#11891
alaudazzi merged 0 commit intomainfrom
fix-11603

Conversation

@alaudazzi
Copy link
Copy Markdown
Member

@alaudazzi alaudazzi commented Nov 27, 2024

This PR adds the specific permissions required to use the Custom AWS Logs integration, both for aws-s3 input and aws-cloudwatch input.

Closes #11603.

@alaudazzi alaudazzi added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request labels Nov 27, 2024
@alaudazzi alaudazzi self-assigned this Nov 27, 2024
@alaudazzi alaudazzi requested a review from a team as a code owner November 27, 2024 08:38
@andrewkroh andrewkroh added Integration:aws_logs Custom AWS Logs Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] labels Nov 27, 2024
lucabelluccini
lucabelluccini reviewed Nov 27, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@lucabelluccini lucabelluccini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @alaudazzi
I would involve the owners / developer of the aws_logs integration for a double check.

To me, the pointers to the Filebeat aws-s3 doc and cloudwatch doc make sense, but I would have expected that the whole Requirement section of https://www.elastic.co/docs/current/integrations/aws#requirements would have been ported to https://www.elastic.co/docs/current/integrations/aws_logs.
IIUC, the permissions should be similar (just the AWS integration Requirement section mixes up both the permissions required for S3 and Cloudwatch).
Obviously the "cost" of this is we're duplicating the content.

If instead we want to tackle this problem properly in the follow up issue #11793, then this PR should be ok to allow users to understand which permissions are required.

I would ask @octavioranieri to review.

@octavioranieri
Copy link
Copy Markdown

octavioranieri commented Nov 27, 2024

+1 to @lucabelluccini suggestions above.

It's better to have it within the page (and product) instead of referencing to an external page.
we already do that under the parent page for https://www.elastic.co/docs/current/integrations/aws#aws-permissions

@alaudazzi
Copy link
Copy Markdown
Member Author

alaudazzi commented Nov 27, 2024

Duplicating content often leads to maintenance issues that are difficult to track.

@kaiyan-sheng
Copy link
Copy Markdown

kaiyan-sheng commented Nov 28, 2024

@alaudazzi I agree with Luca on the whole Requirement section should be included as well. This is not necessarily permissions but should be mentioned as required for using the integration.

@alaudazzi
Copy link
Copy Markdown
Member Author

alaudazzi commented Nov 28, 2024

@kaiyan-sheng @octavioranieri
Thank you for your feedback.

@lucabelluccini

If instead we want to tackle this problem properly in the follow up issue #11793, then this PR should be ok to allow users to understand which permissions are required.

Yes, let's do that.

Please note that one of the points highlighted in the follow-up issue is locate the permissions set in one place to facilitate content standardization and maintenance.

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Nov 28, 2024

💚 Build Succeeded

History

cc @alaudazzi

@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube bot commented Nov 28, 2024

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@alaudazzi alaudazzi merged commit 82ae499 into main Nov 29, 2024
@alaudazzi alaudazzi deleted the fix-11603 branch November 29, 2024 09:22
@elastic-vault-github-plugin-prod
Copy link
Copy Markdown

elastic-vault-github-plugin-prod bot commented Nov 29, 2024

Package aws_logs - 1.5.1 containing this change is available at https://epr.elastic.co/package/aws_logs/1.5.1/

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@alaudazzi
[AWS docs] Add required permissions for Custom AWS Logs (elastic#11891)
23be827 
* Add required permissions for AWS custom logs

* Update changelog and manifest
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@alaudazzi
[AWS docs] Add required permissions for Custom AWS Logs (elastic#11891)
f0e35aa 
* Add required permissions for AWS custom logs

* Update changelog and manifest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lucabelluccini lucabelluccini lucabelluccini left review comments

@octavioranieri octavioranieri Awaiting requested review from octavioranieri

+1 more reviewer

@kaiyan-sheng kaiyan-sheng kaiyan-sheng approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@alaudazzi alaudazzi

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:aws_logs Custom AWS Logs Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[AWS docs] Required permissions under AWS custom logs

6 participants

@alaudazzi @octavioranieri @kaiyan-sheng @elasticmachine @lucabelluccini @andrewkroh