Creating an Identity and Access Management (IAM) user in the AWS Management Console

An Amazon administrator must create a user and then apply the s3:listBucket and s3:getObject permissions to that user in the AWS Management Console. The QRadar® user can then create a log source in QRadar.

About this task

The minimum required permissions are s3:listBucket and s3:getObject. You can assign other permissions to the user as needed.

Sample policy:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
            "Resource": [

For more information about permissions that are related to bucket operations, go to the AWS documentation website (


  1. Log in to the AWS Management Console as an administrator.
  2. Click Services.
  3. From the list, select IAM.
  4. Click Users > Add user.
  5. Create an Amazon AWS IAM user and then apply the AmazonS3ReadOnlyAccess policy.

What to do next

Configuring security credentials for your AWS user account