Solved

What permissions are needed for Cribl Stream to pull an S3 bucket? I’m creating a role for it to use

Forum|Forum|8 months ago
March 11, 2025
2 replies
13 views

Erin Sweeney
Employee

What permissions are needed for Cribl Stream to pull an S3 bucket? I’m creating a role for it to use.

Best answer by Brendan Dalpe

To pull from the S3 bucket using a collector, you need S3:GetObject and S3:ListBucket permissions as a minimum.

Here is a sample IAM policy you can use:

{  "Version": "2012-10-17",  "Statement": [  {  "Effect": "Allow",  "Action": [  "s3:GetObject"  ],  "Resource": "arn:aws:s3:::<bucket_name>/*"  },  {  "Effect": "Allow",  "Action": [  "s3:ListBucket"  ],  "Resource": "arn:aws:s3:::<bucket_name>"  }  ]}

B

Brendan Dalpe
Inspiring
Answer
Forum|Forum|8 months ago
March 11, 2025

To pull from the S3 bucket using a collector, you need S3:GetObject and S3:ListBucket permissions as a minimum.

Here is a sample IAM policy you can use:

{  "Version": "2012-10-17",  "Statement": [  {  "Effect": "Allow",  "Action": [  "s3:GetObject"  ],  "Resource": "arn:aws:s3:::<bucket_name>/*"  },  {  "Effect": "Allow",  "Action": [  "s3:ListBucket"  ],  "Resource": "arn:aws:s3:::<bucket_name>"  }  ]}

Like

B

Brandon McCombs
Employee
Forum|Forum|8 months ago
March 11, 2025

If using the S3 input then permissions must be set for both the bucket and the SQS queue. See Amazon S3 | Cribl Docs

Like

Sign up

Using your Cribl.Cloud account

Login to the community

Using your Cribl.Cloud account

Scanning file for viruses.

This file cannot be downloaded