Minimum Permissions Required for Acquiring Traffic using the UCT-V

Prerequisites:

Before configuring the required permissions and previleges in AWS, you must install GigaVUE‑FM. For details, refer to Install GigaVUE-FM on AWS.

Minimum permissions required to acquire traffic using the UCT-V and authenticate using an IAM instance role

Copy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:CreateTags",
                "ec2:DeleteTags",
                "ec2:RunInstances",
                "ec2:TerminateInstances",
                "ec2:AssociateAddress",
                "ec2:DisassociateAddress",
                "ec2:DescribeImages",
                "ec2:DescribeInstances",
                "ec2:DescribeInstanceTypes",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeKeyPairs",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeVolumes",
                "ec2:DescribeAddresses",
                "ec2:RebootInstances",
                "ec2:StartInstances",
                "ec2:StopInstances",
                "iam:GetPolicyVersion",
                "iam:GetPolicy",
                "iam:ListAttachedRolePolicies",
                "iam:ListAccountAliases",
                "iam:ListRolePolicies",
                "kms:ListAliases",
                "kms:GenerateDataKeyWithoutPlaintext"

            ],
            "Resource": "*"
        }
    ]
}

For more information regarding policies and permissions, refer to AWS Documentation.

If you are using inline policy or basic authentication, then update the policy with the relevant IAM service. For more information, see GigaVUE-FM Instance Multi Account Support Using Amazon STS.

What to do Next:

Configure the AWS credentials in GigaVUE‑FM to monitor workloads across multiple AWS accounts within one Monitoring Domain. For details, refer to Create AWS Credentials.