aidan- / cloudtrailbeat

Easily export AWS CloudTrail events to ElasticSearch
MIT License

AWS Profile support #8

Open mk40us opened 7 years ago

mk40us commented 7 years ago

Would like to collect CloudTrail logs from multiple AWS accounts and need to use "AWS Profile" with multiple IAM roles. Would you be able to add support for it?

mk40us commented 7 years ago

Need to be able to ASSUME Roles (AWS STS)

aidan- commented 7 years ago

At the moment this functionality is not supported, but I am more than happy to accept a pull request for it :)

However, if you are collecting CloudTrail logs from multiple AWS accounts and inserting them into a single Elasticsearch cluster, a better way of solving this might be to configure CloudTrail to send all of the logs (in each AWS account) to a single account. That way cloudtrailbeat can still monitor one SQS and one S3 bucket.

More information on how to do this is available here: http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html
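
As an added illustration of the single-account approach suggested above (not part of the original thread or the cloudtrailbeat project), this is the shape of the S3 bucket policy on the central logging bucket that lets CloudTrail in several accounts deliver into it. The bucket name `EXAMPLE-central-trail-bucket` and the account IDs `111111111111`, `222222222222` and `333333333333` are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AWSCloudTrailAclCheck",
      "Effect": "Allow",
      "Principal": { "Service": "cloudtrail.amazonaws.com" },
      "Action": "s3:GetBucketAcl",
      "Resource": "arn:aws:s3:::EXAMPLE-central-trail-bucket"
    },
    {
      "Sid": "AWSCloudTrailWrite",
      "Effect": "Allow",
      "Principal": { "Service": "cloudtrail.amazonaws.com" },
      "Action": "s3:PutObject",
      "Resource": [
        "arn:aws:s3:::EXAMPLE-central-trail-bucket/AWSLogs/111111111111/*",
        "arn:aws:s3:::EXAMPLE-central-trail-bucket/AWSLogs/222222222222/*",
        "arn:aws:s3:::EXAMPLE-central-trail-bucket/AWSLogs/333333333333/*"
      ],
      "Condition": {
        "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control" }
      }
    }
  ]
}
```

Each source account gets its own `AWSLogs/<account-id>/` prefix in the `Resource` list, so write access is limited to the accounts named there, and the `bucket-owner-full-control` condition keeps the delivered objects readable by the logging account.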

mk40us commented 7 years ago

Aidan, thanks for the response. We do collect them in a single AWS account in one S3 bucket; however, we separate Dev/QA and prod AWS accounts, so there is a total of 3 AWS SQS queues and S3 buckets going into the same ES cluster. We would like to use AWS STS Assume roles to be able to collect from those buckets too. Any help is very much appreciated!!