From ec800480ef301785835b67bf193aefad89d252ba Mon Sep 17 00:00:00 2001 From: "ruturaj.jain.ctr" Date: Tue, 29 Jul 2025 12:56:06 +0530 Subject: [PATCH 1/3] CSOAR-3364: Added IAM related change logs in AWS integrations --- .../app-central/integrations/aws-athena.md | 7 +++++-- .../app-central/integrations/aws-cloudfront.md | 7 +++++-- .../app-central/integrations/aws-ec2.md | 9 ++++++--- .../app-central/integrations/aws-inspector.md | 8 ++++++-- .../integrations/aws-private-certificate-authority.md | 8 ++++++-- 5 files changed, 28 insertions(+), 11 deletions(-) diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md index 44e7b77a16..6a52c74776 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; automox -***Version: 1.1 -Updated: Jun 15, 2023*** +***Version: 1.2 +Updated: July 29, 2025*** Amazon Athena is a cloud-based service that enables you to run SQL queries on data stored in Amazon S3 without the need to set up any infrastructure. It is a serverless, pay-per-query service that makes it easy to analyze large amounts of data. @@ -37,6 +37,7 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; +import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md'; import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md'; import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md'; import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md'; @@ -49,6 +50,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration * * * +* * * * @@ -68,3 +70,4 @@ For information about Amazon Athena, see [Athena documentation](https://docs.aws * February 22, 2023 (v1.0) - First upload * June 15, 2023 (v1.1) - Updated the integration with Environmental Variables +* July 29, 2025 (v1.2) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication. diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md index 37e03152dc..bdd29e825b 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; aws -***Version: 1.3 -Updated: Jun 15, 2023*** +***Version: 1.4 +Updated: July 29, 2025*** Amazon CloudFront integrates with AWS Identity and Access Management (IAM), a service that lets your organization do the following: @@ -28,6 +28,7 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; +import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md'; import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md'; import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md'; import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md'; @@ -41,6 +42,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration * **Service Name**. Enter `AWS CloudFront`. * * +* * * * @@ -58,3 +60,4 @@ For information about AWS CloudFront, see [CloudFront documentation](https://doc * April 14, 2023 (v1.1) + Updated integration: (Updated the integration Fields with Environmental Variables) * June 15, 2023 (v1.3) - Updated the integration with Environmental Variables +* July 29, 2025 (v1.4) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication. diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md index 76dcaa4b55..a627c7e728 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; aws -***Version: 1.5 -Updated: Feb 04, 2025*** +***Version: 1.6 +Updated: July 29, 2025*** Using the integration with EC2, you can enrich incidents with specific EC2 data, create and delete snapshots, work with elastic addresses and instances, and manipulate security groups. @@ -53,6 +53,7 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; +import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md'; import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md'; import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md'; import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md'; @@ -64,6 +65,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration * * * +* * * * @@ -84,4 +86,5 @@ For information about AWS EC2, see [EC2 documentation](https://docs.aws.amazon.c + July 04, 2024 (v1.4) + Updated action: Describe Instances (Resolved bug related to Instance ID field) + February 04, 2025 (v1.5) - + Added action: Describe Instances V2 \ No newline at end of file + + Added action: Describe Instances V2 ++ July 29, 2025 (v1.6) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication. diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md b/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md index 98e8aa7d4f..6ee16322c9 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; aws -***Version: 1.2 -Updated: Jun 15, 2023*** +***Version: 1.3 +Updated: July 29, 2025*** Amazon Inspector enables you to analyze the behavior of your AWS resources and to identify potential security issues. @@ -27,6 +27,7 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; +import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md'; import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md'; import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md'; import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md'; @@ -38,6 +39,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration * * * +* * * * @@ -53,3 +55,5 @@ For information about AWS Inspector, see [Inspector documentation](https://docs. * March 2, 2022 - First upload * March 10, 2022 - Logo * June 15, 2023 (v1.2) - Updated the integration with Environmental Variables +* July 29, 2025 (v1.3) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication. + diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md b/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md index 588ffdc841..c00c3c17cd 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; aws -***Version: 1.0 -Updated: Mar 8, 2024*** +***Version: 1.1 +Updated: July 29, 2025*** AWS Private CA enables creation of private certificate authority (CA) hierarchies, including root and subordinate CAs, without the investment and maintenance costs of operating an on-premises CA. Your private CAs can issue end-entity X.509 certificates useful in scenarios including: @@ -33,6 +33,7 @@ import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-a import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; +import AWSIAMRole from '../../../../reuse/automation-service/aws/iam-role.md'; import IntegrationCertificate from '../../../../reuse/automation-service/integration-certificate.md'; import IntegrationEngine from '../../../../reuse/automation-service/integration-engine.md'; import IntegrationLabel from '../../../../reuse/automation-service/integration-label.md'; @@ -44,6 +45,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration * * * +* * **Session Token**. Enter the session token if you are using [temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html). * * @@ -59,3 +61,5 @@ For information about AWS Private Certificate Authority, see [AWS Private Certif ## Change Log * March 8, 2024 - First upload +* July 29, 2025 (v1.1) - Added support for IAM role authentication - Users can now authenticate using an AWS IAM Role in addition to access key–based authentication. + From fd80d8b6222e76bed80e282d3fcfa64ecff6706b Mon Sep 17 00:00:00 2001 From: "ruturaj.jain.ctr" Date: Thu, 14 Aug 2025 14:52:42 +0530 Subject: [PATCH 2/3] CSOAR-3717: Updated permission for integrations --- .../app-central/integrations/aws-athena.md | 22 ++++++++++++++ .../integrations/aws-cloudfront.md | 8 +++++ .../app-central/integrations/aws-ec2.md | 29 +++++++++++++++++++ 3 files changed, 59 insertions(+) diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md index 6a52c74776..4a5a6b0408 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md @@ -60,6 +60,28 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration + + +## Required Permissions +``` + athena:StartQueryExecution + athena:GetQueryExecution + athena:GetQueryResults + athena:StopQueryExecution + athena:ListDatabases + athena:ListWorkGroups + athena:ListTableMetadata + glue:GetDatabase + glue:GetDatabases + glue:GetTable + glue:GetTables + glue:GetTableVersion + glue:GetTableVersions + s3:GetObject + s3:PutObject + s3:ListBucket +``` + For information about Amazon Athena, see [Athena documentation](https://docs.aws.amazon.com/athena/). ## External Libraries diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md index bdd29e825b..6f3d52c5bd 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md @@ -52,6 +52,14 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration + + +## Required Permissions +``` + cloudfront:ListCloudFrontOriginAccessIdentities + cloudfront:GetCloudFrontOriginAccessIdentity +``` + For information about AWS CloudFront, see [CloudFront documentation](https://docs.aws.amazon.com/cloudfront/). ## Change Log diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md index a627c7e728..3c318793a1 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md @@ -74,6 +74,35 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration + + +## Required Permissions +``` + ec2:AuthorizeSecurityGroupIngress + ec2:CreateSnapshot + ec2:DeleteSecurityGroup + ec2:DeleteSnapshot + ec2:DescribeAddresses + ec2:DescribeInstances + ec2:DescribeKeyPairs + ec2:DescribeRegions + ec2:DescribeSubnets + ec2:DescribeSecurityGroups + ec2:DescribeSnapshots + ec2:DescribeVolumes + ec2:DescribeVpcs + ec2:DisassociateAddress + ec2:GetPasswordData + ec2:MonitorInstances + ec2:ReleaseAddress + ec2:RebootInstances + ec2:RevokeSecurityGroupIngress + ec2:StartInstances + ec2:StopInstances + ec2:TerminateInstances + ec2:UnmonitorInstances +``` + For information about AWS EC2, see [EC2 documentation](https://docs.aws.amazon.com/ec2/). ## Change Log From 154d92253e62ca4b0108dd7d19c818903901944d Mon Sep 17 00:00:00 2001 From: John Pipkin Date: Thu, 21 Aug 2025 14:31:03 -0500 Subject: [PATCH 3/3] Updates from review --- .../app-central/integrations/aws-athena.md | 7 +++++-- .../app-central/integrations/aws-cloudfront.md | 7 +++++-- .../automation-service/app-central/integrations/aws-ec2.md | 7 +++++-- .../app-central/integrations/aws-inspector.md | 7 ++++++- .../integrations/aws-private-certificate-authority.md | 7 ++++++- 5 files changed, 27 insertions(+), 8 deletions(-) diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md index 4a5a6b0408..dde7127ed8 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-athena.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-athena.md @@ -34,6 +34,7 @@ To [get access key and secret access key](https://docs.aws.amazon.com/athena/lat import IntegrationsAuth from '../../../../reuse/integrations-authentication.md'; import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-aws.md'; +import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md'; import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; @@ -58,8 +59,12 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration AWS Athena configuration +For information about Amazon Athena, see [Athena documentation](https://docs.aws.amazon.com/athena/). + +### AWS IAM role-based access + ## Required Permissions @@ -82,8 +87,6 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration s3:ListBucket ``` -For information about Amazon Athena, see [Athena documentation](https://docs.aws.amazon.com/athena/). - ## External Libraries * [AWS Athena](https://github.com/boto/boto3/blob/develop/LICENSE) diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md index 6f3d52c5bd..c02e248721 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-cloudfront.md @@ -25,6 +25,7 @@ Amazon CloudFront integrates with AWS Identity and Access Management (IAM), a se import IntegrationsAuth from '../../../../reuse/integrations-authentication.md'; import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-aws.md'; +import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md'; import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; @@ -50,8 +51,12 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration AWS CloudFront configuration +For information about AWS CloudFront, see [CloudFront documentation](https://docs.aws.amazon.com/cloudfront/). + +### AWS IAM role-based access + ## Required Permissions @@ -60,8 +65,6 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration cloudfront:GetCloudFrontOriginAccessIdentity ``` -For information about AWS CloudFront, see [CloudFront documentation](https://docs.aws.amazon.com/cloudfront/). - ## Change Log * November 10, 2022 - First upload diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md index 3c318793a1..8280071e71 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-ec2.md @@ -50,6 +50,7 @@ Using the integration with EC2, you can enrich incidents with specific EC2 data, import IntegrationsAuth from '../../../../reuse/integrations-authentication.md'; import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-aws.md'; +import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md'; import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; @@ -72,8 +73,12 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration AWS EC2 configuration +For information about AWS EC2, see [EC2 documentation](https://docs.aws.amazon.com/ec2/). + +### AWS IAM role-based access + ## Required Permissions @@ -103,8 +108,6 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration ec2:UnmonitorInstances ``` -For information about AWS EC2, see [EC2 documentation](https://docs.aws.amazon.com/ec2/). - ## Change Log * October 9, 2019 - First upload diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md b/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md index 6ee16322c9..185ebb5f66 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-inspector.md @@ -24,6 +24,7 @@ Amazon Inspector enables you to analyze the behavior of your AWS resources and t import IntegrationsAuth from '../../../../reuse/integrations-authentication.md'; import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-aws.md'; +import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md'; import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; @@ -46,9 +47,13 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration AWS Inspector configuration +For information about AWS Inspector, see [Inspector documentation](https://docs.aws.amazon.com/inspector/). + -For information about AWS Inspector, see [Inspector documentation](https://docs.aws.amazon.com/inspector/). +### AWS IAM role-based access + + ## Change Log diff --git a/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md b/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md index c00c3c17cd..20d06da2b0 100644 --- a/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md +++ b/docs/platform-services/automation-service/app-central/integrations/aws-private-certificate-authority.md @@ -30,6 +30,7 @@ AWS Private CA enables creation of private certificate authority (CA) hierarchie import IntegrationsAuth from '../../../../reuse/integrations-authentication.md'; import IntegrationsAuthAWS from '../../../../reuse/integrations-authentication-aws.md'; +import IAMConfiguration from '../../../../reuse/automation-service/aws/iam-configuration.md'; import AWSRegions from '../../../../reuse/automation-service/aws/region.md'; import AWSAccesskey from '../../../../reuse/automation-service/aws/access-key.md'; import AWSSecret from '../../../../reuse/automation-service/aws/secret.md'; @@ -54,9 +55,13 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration AWS Private Certificate Authority configuration +For information about AWS Private Certificate Authority, see [AWS Private Certificate Authority documentation](https://docs.aws.amazon.com/privateca/). + -For information about AWS Private Certificate Authority, see [AWS Private Certificate Authority documentation](https://docs.aws.amazon.com/privateca/). +### AWS IAM role-based access + + ## Change Log