AWS

Connecting your AWS account to NOFire AI allows us to collect rich infrastructure metadata across your AWS environment. This metadata enhances NOFire AI’s understanding of your infrastructure landscape—enabling deeper context for investigations.

To ensure a smooth integration, we follow AWS’s best practices by utilizing an assumed role and external ID for secure access.

Step 1: Create IAM Role

Navigate to AWS IAM console

Access the AWS Management Console using an account that has the necessary permissions to create IAM roles. Then, proceed with the steps outlined below:

Access IAM: Navigate to the IAM service in the AWS console.

Copy the following IAM policy to attach it in the role we will create it later

nofireai-iam-policy.json

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "EC2Permissions",
			"Effect": "Allow",
			"Action": [
				"autoscaling:DescribeAutoScalingGroups",
				"autoscaling:DescribeAutoScalingInstances",
				"ec2:DescribeLaunchTemplateVersions",
				"ec2:DescribeInstances",
				"ec2:DescribeInstanceTypes"
			],
			"Resource": "*"
		},
		{
			"Sid": "RDSPermissions",
			"Effect": "Allow",
			"Action": [
				"rds:DescribeDBClusters",
				"rds:DescribeDBInstances",
				"rds:DescribeDBParameters"
			],
			"Resource": "*"
		},
		{
			"Sid": "EKSPermissions",
			"Effect": "Allow",
			"Action": [
				"eks:ListClusters",
				"eks:DescribeCluster"
			],
			"Resource": "*"
		}
	]
}

Create a new policy: In the navigation pane on the left, choose Policies > Create policy.
Finalize and review: Create a name and description for the IAM policy :

If everything looks great, click the Create policy button at the bottom right corner.
Create a new role: In the navigation pane on the left, choose Roles > Create role.
Enter credentials:
- Add NOFire AI’s Account ID: In the Account ID input box, paste the NOFire AI AWS Account ID: 593113792344. This will give us access to the IAM role.
- Add an External ID: Under Options, enter an external ID.
Assign permissions: On the permissions console, use the Filter and select Customer Managed. Search for the policy name you provider in step 4 and hit Next.
Finalize and review: Create a name and description for the IAM role, and then review the configurations.
If everything looks great, click the Create role button at the bottom right corner.
Copy the Role ARN: Once the role is created, navigate to it and copy the role ARN. You’ll need this to complete the connection setup on the NOFire AI dashboard.

Step 2: Add AWS Connection to NOFire AI

Navigate to the Connections Tab

Overview

Providers

Monitoring

Triggers

Logs

Traces

CI/CD

Step 1: Create IAM Role

Step 2: Add AWS Connection to NOFire AI

Overview

Providers

Monitoring

Triggers

Logs

Traces

CI/CD

​Step 1: Create IAM Role

​Step 2: Add AWS Connection to NOFire AI

Step 1: Create IAM Role

Step 2: Add AWS Connection to NOFire AI