AWS IAM ROLE PERMISSION

    Follow these steps to create an IAM role with the permissions NFA requires to access AWS flow logs, CloudWatch, and EC2 instances:

    1. Create IAM Role:
      • Go to IAM - Roles - Create Role.
      • Select "AWS service" as the trusted entity.
      • Select "EC2" under "Service or use case".
      • Click "Next" multiple times.
      • Provide a role name of your choice.
      • Click "Create."
    2. Select the created role:
      • Under "Permissions policies", select "Create inline policy" from the "Add permissions" menu.
      • Choose the JSON option.
      • Copy the following policy into the policy editor:

        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Sid": "VisualEditor0",
              "Effect": "Allow",
              "Action": [
                "ec2:DeleteFlowLogs",
                "logs:CreateLogStream",
                "logs:DescribeLogGroups",
                "ec2:CreateFlowLogs",
                "logs:DescribeLogStreams",
                "ec2:DescribeFlowLogs",
                "ec2:*",
                "logs:CreateLogGroup",
                "logs:PutLogEvents"
              ],
              "Resource": "*"
            }
          ]
        }

      • Click "Next" and save changes.
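
The policy in step 2 allows "ec2:*" on "Resource": "*", which already covers the three flow-log actions listed beside it. The following Python check is an added example, not part of the original page or of NFA; it reports wildcard actions, listed actions a wildcard already covers, and unscoped resources in a policy document, and the function name and finding labels are assumptions.

```python
import json
from fnmatch import fnmatchcase

# Inline policy from step 2 of this page, copied unchanged.
POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{
   "Sid": "VisualEditor0", "Effect": "Allow",
   "Action": ["ec2:DeleteFlowLogs", "logs:CreateLogStream",
              "logs:DescribeLogGroups", "ec2:CreateFlowLogs",
              "logs:DescribeLogStreams", "ec2:DescribeFlowLogs",
              "ec2:*", "logs:CreateLogGroup", "logs:PutLogEvents"],
   "Resource": "*"}]}
""")


def as_list(value):
    # IAM accepts a single string or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]


def review_policy(policy):
    """Return (sid, finding, value) tuples for every Allow statement."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = as_list(stmt.get("Action", []))
        for pattern in (a for a in actions if "*" in a or "?" in a):
            findings.append((sid, "wildcard-action", pattern))
            # Action names match case-insensitively; * and ? are the wildcards.
            findings.extend(
                (sid, "covered-by " + pattern, a) for a in actions
                if a != pattern and fnmatchcase(a.lower(), pattern.lower()))
        if "*" in as_list(stmt.get("Resource", [])):
            findings.append((sid, "unscoped-resource", "*"))
    return findings


if __name__ == "__main__":
    for sid, finding, value in review_policy(POLICY):
        print(f"{sid}: {finding}: {value}")
```

Run it against the JSON before saving the inline policy; each line of output names the statement, the finding, and the action or resource that triggered it.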