Perch integrates with Amazon Web Services CloudTrail to ingest logs for all your Amazon services. You can configure your AWS CloudTrail to provide whichever logs you desire. You will need to create a user for Perch in AWS IAM so that your CloudTrail configuration can be accessed. Once the user is created, simply provide the credentials in your Perch Integration Settings and your logs will be collected automatically.
In order for Perch to access your AWS CloudTrail logs, you must explicitly grant permission to a user.
- Go to the Users section of AWS IAM.
- Click the blue “Add user” button.
- Give the user a name and select “Programmatic access.”
- Click the new “Next: Permissions” button.
- Select “Attach existing policies directly” and check “AWSCloudTrailReadOnlyAccess.”
- Finish the wizard and save the user’s credentials in a secure place for the next few steps.
- Install the AWS CloudTrail integration.
- Enter the credentials from AWS.
- Click “Save and Test.”
- Toggle “Enable AWS CloudTrail event log collection” and click “Save.”
Like all Perch integrations, you can enable or disable AWS CloudTrail log ingestion at any time by toggling the switch from “OFF” (gray) to “ON” (purple), or the other way around.
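Before handing the credentials to Perch, it is worth confirming that the IAM user created in the steps above has only read-only permissions and no console password. The following is an added example, not Perch or AWS code: the function names, the list of read-only verb prefixes, and the sample policy documents are assumptions constructed for illustration, and the documents are not copies of any AWS managed policy.

```python
import json

EXPECTED_POLICY = "AWSCloudTrailReadOnlyAccess"  # policy named in the steps above
# Verb prefixes this example treats as read-only (an assumption, not an AWS rule).
READ_ONLY_PREFIXES = ("get", "list", "describe", "lookup")

def _as_list(value):
    """IAM JSON allows either a single item or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def non_read_only_actions(policy_document):
    """Return allowed actions in a policy document that are not clearly read-only."""
    findings = []
    for stmt in _as_list(policy_document.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # Allow + NotAction grants everything not listed
            findings.append("NotAction")
            continue
        for action in _as_list(stmt.get("Action")):
            verb = action.split(":", 1)[-1].lower()  # "*" and "svc:*" get flagged
            if not verb.startswith(READ_ONLY_PREFIXES):
                findings.append(action)
    return findings

def audit_user(attached, has_console_password):
    """attached maps policy name -> policy document for the integration user."""
    issues = []
    if has_console_password:
        issues.append("console password present; only programmatic access is needed")
    for name, document in attached.items():
        if name != EXPECTED_POLICY:
            issues.append(f"extra policy attached: {name}")
        issues += [f"{name} allows {a}" for a in non_read_only_actions(document)]
    return issues

# Constructed sample documents, not copies of any AWS managed policy.
READ_ONLY_DOC = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["cloudtrail:LookupEvents", "cloudtrail:Describe*",
   "s3:GetObject", "s3:ListBucket"], "Resource": "*"}]}""")
TOO_BROAD_DOC = json.loads("""{"Version": "2012-10-17", "Statement":
  {"Effect": "Allow", "Action": "cloudtrail:*", "Resource": "*"}}""")

if __name__ == "__main__":
    print(audit_user({EXPECTED_POLICY: READ_ONLY_DOC}, False))
    print(audit_user({EXPECTED_POLICY: READ_ONLY_DOC, "ExtraPolicy": TOO_BROAD_DOC}, True))
```

To run this against a real account, feed `audit_user` the policy documents and login-profile status retrieved for the integration user from IAM instead of the constructed samples.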