diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-cloudtrail.md b/docs/platform-services/automation-service/app-central/integrations/aws-cloudtrail.md
index 55bc604e2d..9219b562c2 100644
--- a/docs/platform-services/automation-service/app-central/integrations/aws-cloudtrail.md
+++ b/docs/platform-services/automation-service/app-central/integrations/aws-cloudtrail.md
@@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
})
-***Version: 1.2
-Updated: Jun 15, 2023***
+***Version: 1.3
+Updated: August 19, 2025***
Interact with AWS CloudTrail through Trails and Events.
@@ -33,17 +33,20 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a
import AWSRegions from '../../../../reuse/automation-service/aws/region.md';
import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md';
import AWSSecret from '../../../../reuse/automation-service/aws/secret.md';
+import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md';
import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md';
import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md';
import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md';
*
*
*
+*
*
*
*
@@ -52,9 +55,24 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
})
+For information about AWS CloudTrail, see [CloudTrail documentation](https://docs.aws.amazon.com/cloudtrail/).
+
-For information about AWS CloudTrail, see [CloudTrail documentation](https://docs.aws.amazon.com/cloudtrail/).
+### AWS IAM role-based access
+
+
+
+## Required Permissions
+```
+ cloudtrail:DescribeTrails
+ cloudtrail:LookupEvents
+ cloudtrail:CreateTrail
+ cloudtrail:DeleteTrail
+ cloudtrail:StartLogging
+ cloudtrail:StopLogging
+ cloudtrail:UpdateTrail
+```
## Change Log
@@ -62,3 +80,4 @@ For information about AWS CloudTrail, see [CloudTrail documentation](https://doc
* March 10, 2022 - Logo
* May 12, 2023 (v1.1) - Integration refactored
* June 15, 2023 (v1.2) - Updated the integration with Environmental Variables
+* August 19, 2025 (v1.3) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication.
diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-route53.md b/docs/platform-services/automation-service/app-central/integrations/aws-route53.md
index 9f9df2dc44..f315f8430c 100644
--- a/docs/platform-services/automation-service/app-central/integrations/aws-route53.md
+++ b/docs/platform-services/automation-service/app-central/integrations/aws-route53.md
@@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
-***Version: 1.1
-Updated: Jun 21, 2023***
+***Version: 1.2
+Updated: August 19, 2025***
Interact with DNS records through AWS Route 53.
@@ -31,11 +31,13 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a
import AWSRegions from '../../../../reuse/automation-service/aws/region.md';
import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md';
import AWSSecret from '../../../../reuse/automation-service/aws/secret.md';
+import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md';
import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md';
import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md';
import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md';
@@ -43,17 +45,22 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
* **URL**. Enter your [AWS Route 53 URL](https://docs.aws.amazon.com/general/latest/gr/r53.html), for example, `route53.amazonaws.com`.
*
*
+*
*
*
*
})
+For information about AWS Route 53, see [Route 53 documentation](https://docs.aws.amazon.com/route53/).
+
-For information about AWS Route 53, see [Route 53 documentation](https://docs.aws.amazon.com/route53/).
+### AWS IAM role-based access
+
## Change Log
* December 24, 2019 - First upload
* June 21, 2023 (v1.1) - Updated the integration with Environmental Variables
+* August 19, 2025 (v1.2) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication.
diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-s3.md b/docs/platform-services/automation-service/app-central/integrations/aws-s3.md
index 274c39975a..604984d712 100644
--- a/docs/platform-services/automation-service/app-central/integrations/aws-s3.md
+++ b/docs/platform-services/automation-service/app-central/integrations/aws-s3.md
@@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
-***Version: 1.2
-Updated: Jun 28, 2023***
+***Version: 1.3
+Updated: August 19, 2025***
Interact with AWS S3 buckets, objects, and policies.
@@ -35,17 +35,20 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a
import AWSRegions from '../../../../reuse/automation-service/aws/region.md';
import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md';
import AWSSecret from '../../../../reuse/automation-service/aws/secret.md';
+import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md';
import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md';
import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md';
import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md';
*
*
*
+*
*
* **URL**. Enter your [Amazon S3 URL](https://docs.aws.amazon.com/general/latest/gr/s3.html), for example, `s3.us-east-1.amazonaws.com`.
*
@@ -55,8 +58,29 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
+### AWS IAM role-based access
+
+
+
+## Required Permissions
+```
+ s3:GetBucketPolicy
+ s3:ListBucket
+ s3:ListAllMyBuckets
+ s3:GetObject
+ s3:PutObject
+ s3:CreateBucket
+ s3:DeleteBucket
+ s3:DeleteBucketPolicy
+ s3:DeleteObject
+ s3:PutBucketPolicy
+```
+
## Change Log
* October 3, 2019 - First upload
* June 21, 2023 (v1.1) - Updated the integration with Environmental Variables
* June 28, 2023 (v1.2) - Visibility of the Resource fields changed
+* August 19, 2025 (v1.3) -
+ * Added IAM Role Support - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication.
+ * Added input validation in the *Download File* action.
diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service.md b/docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service.md
index a67d99b0ff..3f80ca4b6e 100644
--- a/docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service.md
+++ b/docs/platform-services/automation-service/app-central/integrations/aws-simple-notification-service.md
@@ -7,8 +7,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
-***Version: 1.2
-Updated: Jun 15, 2023***
+***Version: 1.3
+Updated: August 19, 2025***
Amazon Simple Notification Service (SNS) is a pub/sub messaging and mobile notifications service for coordinating the delivery of messages to subscribing endpoints and clients.
@@ -28,17 +28,20 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a
import AWSRegions from '../../../../reuse/automation-service/aws/region.md';
import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md';
import AWSSecret from '../../../../reuse/automation-service/aws/secret.md';
+import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md';
import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md';
import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md';
import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md';
*
*
*
+*
*
*
*
@@ -47,9 +50,13 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
})
+For information about Amazon Simple Notification Service, see [Amazon Simple Notification Service documentation](https://docs.aws.amazon.com/sns/).
+
-For information about Amazon Simple Notification Service, see [Amazon Simple Notification Service documentation](https://docs.aws.amazon.com/sns/).
+### AWS IAM role-based access
+
+
## External Libraries
@@ -61,3 +68,4 @@ For information about Amazon Simple Notification Service, see [Amazon Simple Not
* March 3, 2023 (v1.1)
+ Updated integration Fields Label
* June 15, 2023 (v1.2) - Updated the integration with Environmental Variables
+* August 19, 2025 (v1.3) - Added IAM Role Support - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication.
\ No newline at end of file
diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-sqs.md b/docs/platform-services/automation-service/app-central/integrations/aws-sqs.md
index 42d1a70ec9..30fc206c9d 100644
--- a/docs/platform-services/automation-service/app-central/integrations/aws-sqs.md
+++ b/docs/platform-services/automation-service/app-central/integrations/aws-sqs.md
@@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
-***Version: 1.2
-Updated: Jun 15, 2023***
+***Version: 1.3
+Updated: August 19, 2025***
Using the integration with SQS, you can gather current queues, add a new queue, delete and purge existing queues during an active investigation.
@@ -31,29 +31,47 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a
import AWSRegions from '../../../../reuse/automation-service/aws/region.md';
import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md';
import AWSSecret from '../../../../reuse/automation-service/aws/secret.md';
+import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md';
import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md';
import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md';
import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md';
import IntegrationProxy from '../../../../reuse/automation-service/integration-proxy.md';
import IntegrationTimeout from '../../../../reuse/automation-service/integration-timeout.md';
+import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md';
*
*
*
+*
*
*
*
})
+For information about AWS SQS, see [SQS documentation](https://docs.aws.amazon.com/sqs/).
+
-For information about AWS SQS, see [SQS documentation](https://docs.aws.amazon.com/sqs/).
+### AWS IAM role-based access
+
+
+
+## Required Permissions
+```
+ sqs:ListQueues
+ sqs:GetQueueUrl
+ sqs:CreateQueue
+ sqs:DeleteQueue
+ sqs:PurgeQueue
+ sqs:SendMessage
+```
## Change Log
* January 16, 2020 - First upload
* March 10, 2022 - Logo
* June 15, 2023 (v1.2) - Updated the integration with Environmental Variables
+* August 19, 2025 (v1.3) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication.
diff --git a/docs/platform-services/automation-service/configure-authentication-for-integrations.md b/docs/platform-services/automation-service/configure-authentication-for-integrations.md
index b0f17dd8be..4dae575bc1 100644
--- a/docs/platform-services/automation-service/configure-authentication-for-integrations.md
+++ b/docs/platform-services/automation-service/configure-authentication-for-integrations.md
@@ -6,6 +6,7 @@ description: Learn how to configure authentication for automation integrations.
---
import useBaseUrl from '@docusaurus/useBaseUrl';
+import IAMConfiguration from '../../reuse/automation-service/aws/iam-configuration.md';
This article provides a quick reference to configure authentication for [automation integrations in App Central](/docs/platform-services/automation-service/app-central/integrations/) for the Automation Service and Cloud SOAR. Refer to the individual integrations articles for detailed information on setup, usage, and features.
@@ -119,7 +120,9 @@ For AWS service endpoints information, see [AWS documentation](https://docs.aws.
#### Authentication method
-AWS recommends using IAM roles with temporary security credentials over long-term access keys for enhanced security. However, our AWS integrations currently support only access keys due to the need for dynamically managed credentials.
+AWS recommends using IAM roles with temporary security credentials over long-term access keys for enhanced security.
+
+
#### Regional configuration
diff --git a/docs/reuse/automation-service/aws/access-key.md b/docs/reuse/automation-service/aws/access-key.md
index bcbf60634b..60d074521f 100644
--- a/docs/reuse/automation-service/aws/access-key.md
+++ b/docs/reuse/automation-service/aws/access-key.md
@@ -1 +1 @@
-**Access Key ID**. Enter an AWS [access key ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) to provide authentication. (Although AWS recommends using IAM roles with temporary security credentials instead of access keys, our AWS integrations currently support only access keys due to the need for dynamically managed credentials.)
\ No newline at end of file
+**Access Key ID**. Enter an AWS [access key ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) to provide authentication. (Although AWS recommends using IAM roles with temporary security credentials instead of access keys.)
\ No newline at end of file
diff --git a/docs/reuse/automation-service/aws/iam-configuration.md b/docs/reuse/automation-service/aws/iam-configuration.md
new file mode 100644
index 0000000000..f61c0bacb2
--- /dev/null
+++ b/docs/reuse/automation-service/aws/iam-configuration.md
@@ -0,0 +1,19 @@
+To enable AWS IAM role-based authentication without sharing access keys and secrets, follow the steps below:
+1. [Create an IAM role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create.html) in your AWS account. Follow AWS’s guide to create a new IAM role.
+2. [Attach required policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) to the role depending on the AWS services you want to allow access to (for example, `AmazonEC2ReadOnlyAccess`, `AWSWAFFullAccess`, etc.).
+3. [Update the trust policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-custom.html) to allow Sumo Logic’s AWS account to assume this role. This involves editing the trust relationship JSON to include Sumo Logic’s AWS account ID as a trusted principal.
+ Example trust policy:
+ ```json
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Effect": "Allow",
+ "Principal": {
+ "AWS": "arn:aws:iam:::root"
+ },
+ "Action": "sts:AssumeRole"
+ }
+ ]
+ }
+ ```
diff --git a/docs/reuse/automation-service/aws/iam-role.md b/docs/reuse/automation-service/aws/iam-role.md
new file mode 100644
index 0000000000..05ea8ba2d2
--- /dev/null
+++ b/docs/reuse/automation-service/aws/iam-role.md
@@ -0,0 +1 @@
+**IAM Role**. Enter an AWS IAM Role ARN to provide authentication. See the AWS documentation on [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) for more information.
\ No newline at end of file