Step 1: Create IAM Role
Navigate to AWS IAM console
Navigate to AWS IAM console
Access the AWS Management Console using an account that has the necessary permissions to create IAM roles. Then, proceed with the steps outlined below:
- Access IAM: Navigate to the IAM service in the AWS console.
-
Copy the following IAM policy to attach it in the role we will create it later
nofireai-iam-policy.json
-
Create a new policy: In the navigation pane on the left, choose Policies > Create policy.
-
Finalize and review: Create a name and description for the IAM policy:
-
Create a new role: In the navigation pane on the left, choose Roles > Create role.
-
Enter credentials:
- Add NOFire AI’s Account ID: In the Account ID input box, paste the NOFire AI AWS Account ID: 593113792344. This will give us access to the IAM role.
-
Add an External ID: Under Options, enter an external ID.
-
Assign permissions: On the permissions console, use the Filter and select Customer Managed. Search for the policy name you provider in step 4 and hit Next.
-
Finalize and review: Create a name and description for the IAM role, and then review the configurations.
-
If everything looks great, click the Create role button at the bottom right corner.
- Copy the Role ARN: Once the role is created, navigate to it and copy the role ARN. You’ll need this to complete the connection setup on the NOFire AI dashboard.
Step 2: Add AWS CloudWatch Connection to NOFire AI
Navigate to the Connections Tab
Navigate to the Connections Tab
-
In the NOFire AI dashboard, go to the Connections section and click on Add New Connection.
-
Select CloudWatch: From the list available connections
Then, click Next at the top right corner.
-
Enter credentials:
- Connection name (eg. production),
- IAM ARN
-
External ID
Click Save to create the connection
- Once the connection to your log source is established, NOFire AI will query and analyze logs on-demand as part of its automated root cause analysis. Logs are used to enrich the investigation process.