This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

    IAM Policy Code to Use

    Best Practice: Create a Sysdig-specific IAM policy to be used for granting programmatic access to Sysdig. Copy/paste the code snippet below into this policy. It enables Sysdig to collect metadata and CloudWatch metrics from the following services, as applicable to your environment:

    • Dynamodb

    • EC2 hosts

    • ECS

    • Elasticache

    • RDS

    • SQS

    If you want to use your own AWS S3 bucket to store Sysdig capture files, you can append those code snippets to this IAM Policy as well. See Storage: Configure AWS Capture File Storage (Optional) for details.

        "Version": "2012-10-17",
        "Statement": [
                "Action": [
                "Effect": "Allow",
                "Resource": "*"

    See Changing the AWS Services that are Polled for more detail.