All Apps and Add-ons

Cant add CloudTrail(SQS based S3) to AWS addons for AWS.

Sorok71
Engager

We are using Splunk CLoud and need to integrate it with our AWS accounts. The whole scheme of integrations looks like
https://cloudcraft.co/view/e3810740-7b15-4d3c-9484-fb7cc9e8bb23?key=Bf6ssGDBu5IRZ__eBW9d3g

I've created Policy "Configure one policy containing permissions for all inputs" https://docs.splunk.com/Documentation/AddOns/released/AWS/ConfigureAWSpermissions

also granted the user to delegate permissions for this role to IAM users.

Add admin account in AWS addons for AWS > Configuration > Account
I set the admin account just for testing for making sure that User has all privileges that can we need.

But when I am trying to add new Input CloudTrail(SQS based S3) I got an error:

Unexpected error "" from python handler: "HTTP 404 Not Found -- {"messages":[{"type":"ERROR","text":"Could not find object id=assume_role"}]}". See splunkd.log for more details.
https://www.screencast.com/t/JRXWXXGuUX

I've also trying to set the Role here. The same result. Also, as I understand Role is using for checking other linked AWS accounts to the current one.

logs queue has available messages

I will appreciate any help

Tags (4)

mlogendra_splun
Splunk Employee
Splunk Employee

Please try changing the app permissions to Global. It fixed the problem in my case

vinkumar_splunk
Splunk Employee
Splunk Employee

This has worked for me, thank you!

0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...