AWS Distro for OpenTelemetry

Configuring Permissions

Configuring Permissions

The AWS Distro for OpenTelemetry Collector requires permissions for Amazon CloudWatch Logs for metric publishing, and for AWS X-Ray for sending traces.



Create IAM policy

  1. Open the IAM console.
  2. In the navigation pane, choose Policies.
  3. Choose Create policy, and then choose JSON.
  4. Type the following policy.
1{
2    "Version": "2012-10-17",
3    "Statement": [
4        {
5            "Effect": "Allow",
6            "Action": [
7                "logs:PutLogEvents",
8                "logs:CreateLogGroup",
9                "logs:CreateLogStream",
10                "logs:DescribeLogStreams",
11                "logs:DescribeLogGroups",
12                "logs:PutRetentionPolicy",
13                "xray:PutTraceSegments",
14                "xray:PutTelemetryRecords",
15                "xray:GetSamplingRules",
16                "xray:GetSamplingTargets",
17                "xray:GetSamplingStatisticSummaries",
18                "ssm:GetParameters"
19            ],
20            "Resource": "*"
21        }
22    ]
23}
  1. Choose Review policy.
  2. On the Review policy page, type AWSDistroOpenTelemetryPolicy for the Name, and then choose Create policy.

On this page