Configure Cloud Storage Access

As a born-in-the-cloud, native service, ChaosSearch uses your policies and IAM provisioning rules to index only the data that you designate, and keeps all your data in storage that is your access management.

You create and manage all your cloud storage buckets and ship/write your log and event files to those bucket(s) to build your data repository, as described in Traditional Log Shipping .

When you configure ChaosSearch to index those important log and event files, an important step is for you to create:

• An IAM role for ChaosSearch in your environment
• A policy that defines your cloud storage bucket(s) that ChaosSearch can list and read to find log and event files for indexing
• An association of that role and policy to provision ChaosSearch access

The topics in this section describe different methods that you can use to provision the ChaosSearch access. You could use IAM UIs for manual configuration, or automated provisioning apps like AWS CloudFormation or Terraform as scripted methods. You can use the option that works best for your environment and practices.

These topics assume that you have experience working with your cloud-service provider, creating buckets, and using the IAM administrative tools or programmatic options to create and manage its resources. ChaosSearch Customer Success can also help you with these procedures when needed.