Creating an Identity and Access (IAM) user in the AWS Management Console
An Amazon administrator must create a user and then apply the
CloudWatchLogsReadOnlyAccess policy in the AWS Management Console. The QRadar user can then create a log
source in QRadar.
Procedure
- Log in to the AWS Management Console as an administrator.
- Create an Amazon AWS IAM user and then apply the CloudWatchLogsReadOnlyAccess policy.
What to do next
Amazon Web Services log source parameters for Amazon AWS Security Hub