Creating an Identity and Access (IAM) user in the AWS Management Console
An Amazon administrator must create a user and then apply the CloudWatchLogsReadOnlyAccess policy in the AWS Management Console. The QRadar® user can then create a log source in QRadar.
- Log in to the AWS Management Console as an administrator.
- Create an Amazon AWS IAM user and then apply the CloudWatchLogsReadOnlyAccess policy.
What to do next
Amazon Web Services log source parameters for Amazon AWS Security Hub