Skip to content

Commit

Permalink
[AWS] Add SQS API calls documentation and required S3 permissions (#1…
Browse files Browse the repository at this point in the history
…2072)

* add SQS calls and S3 permissions in docs

* bump package version

* fix pr id

* add SQS GetQueueAttributes
sort permissions
  • Loading branch information
gpop63 authored Dec 12, 2024
1 parent 27dfb93 commit 21ca46b
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 1 deletion.
7 changes: 7 additions & 0 deletions packages/aws/_dev/build/docs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,10 @@ Each of these APIs may generate extra charges on your AWS Account. Refer to [AWS
| S3 GetObject | 1 | Per object per collection period | logs related only |
| SecurityHub GetFindings | Total number of results / GetFindings max page size ( 100, based on [AWS API GetFindings](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindings.html) | Per region per collection period | AWS Security Hub | |
| SecurityHub GetInsights | Total number of results / GetInsights max page size ( 100, based on [AWS API GetInsights](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsights.html) | Per region per collection period | AWS Security Hub | |
| SQS ReceiveMessage | 1 | Every 20s minimum (more frequent if messages are waiting) | logs related only (S3 notifications) |
| SQS DeleteMessage | 1 | Once per received message | logs related only (S3 notifications) |
| SQS ChangeMessageVisibility | 1 | When message processing exceeds 150s | logs related only (S3 notifications) |
| SQS GetQueueAttributes | 1 | Every minute to capture queue depth metric | logs related only (S3 notifications) |

### Metrics collection and cost considerations

Expand Down Expand Up @@ -177,10 +181,13 @@ make sure these permissions are given:
* `organizations:ListAccounts`
* `rds:DescribeDBInstances`
* `rds:ListTagsForResource`
* `s3:GetBucketLocation`
* `s3:GetObject`
* `s3:ListBucket`
* `sns:ListTopics`
* `sqs:ChangeMessageVisibility`
* `sqs:DeleteMessage`
* `sqs:GetQueueAttributes`
* `sqs:ListQueues`
* `sqs:ReceiveMessage`
* `sts:AssumeRole`
Expand Down
5 changes: 5 additions & 0 deletions packages/aws/changelog.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "2.36.1"
changes:
- description: Add SQS API calls documentation and required S3 permissions.
type: enhancement
link: https://github.com/elastic/integrations/pull/12072
- version: "2.36.0"
changes:
- description: Add ELB connection logs dashboards for application load balancers.
Expand Down
7 changes: 7 additions & 0 deletions packages/aws/docs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,10 @@ Each of these APIs may generate extra charges on your AWS Account. Refer to [AWS
| S3 GetObject | 1 | Per object per collection period | logs related only |
| SecurityHub GetFindings | Total number of results / GetFindings max page size ( 100, based on [AWS API GetFindings](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindings.html) | Per region per collection period | AWS Security Hub | |
| SecurityHub GetInsights | Total number of results / GetInsights max page size ( 100, based on [AWS API GetInsights](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetInsights.html) | Per region per collection period | AWS Security Hub | |
| SQS ReceiveMessage | 1 | Every 20s minimum (more frequent if messages are waiting) | logs related only (S3 notifications) |
| SQS DeleteMessage | 1 | Once per received message | logs related only (S3 notifications) |
| SQS ChangeMessageVisibility | 1 | When message processing exceeds 150s | logs related only (S3 notifications) |
| SQS GetQueueAttributes | 1 | Every minute to capture queue depth metric | logs related only (S3 notifications) |

### Metrics collection and cost considerations

Expand Down Expand Up @@ -177,10 +181,13 @@ make sure these permissions are given:
* `organizations:ListAccounts`
* `rds:DescribeDBInstances`
* `rds:ListTagsForResource`
* `s3:GetBucketLocation`
* `s3:GetObject`
* `s3:ListBucket`
* `sns:ListTopics`
* `sqs:ChangeMessageVisibility`
* `sqs:DeleteMessage`
* `sqs:GetQueueAttributes`
* `sqs:ListQueues`
* `sqs:ReceiveMessage`
* `sts:AssumeRole`
Expand Down
2 changes: 1 addition & 1 deletion packages/aws/manifest.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
format_version: 3.0.0
name: aws
title: AWS
version: 2.36.0
version: 2.36.1
description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
type: integration
categories:
Expand Down

0 comments on commit 21ca46b

Please sign in to comment.