Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.
Getting error for access denied in splunk for Security lake even though proper configuration in AWS
Hi, i have been trying security lake from few days, after dealing with lots of erros and all i was finally able to activate security lake in my account but further i wanted to ingest that data into splunk , i refer the following offical document to connect my AWS to splunk, https://github.com/splunk/splunk-add-on-for-amazon-security-lake/blob/main/Splunk%20Add-on%20for%20Amazon%20Security%20Lake.pdf it may seems for me that AWS account is connected but there is some permission issue regarding sqs, when i am trying to configure input i am getting error for Access denied to listqueues. i checked for permissions but it is already being given for role. Requesting you to please help me with that as this security lake completely new in AWS and there are not much resources available to look for.
Hope you understand and proceed to help me with my concern on live call.
i am attaching screenshot of error in Splunk
- Newest
- Most votes
- Most comments
The "Access denied to listqueues" error typically indicates a permissions issue. Ensure the IAM role associated with your AWS Security Lake has the necessary permissions, including sqs:ListQueues. Verify your queues aren't publicly accessible and implement least-privilege access. Review the security policies attached to your IAM identity and make sure the environment variable AWS_PROFILE is set to the correct role.
Relevant content
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
Can you provide the logs?