As a born-in-the-cloud, native service, ChaosSearch uses your policies and IAM provisioning rules to index only the data that you designate, and all your data—raw source and ChaosSearch index data and configuration—remains in your cloud storage under your provisioning control.
You create and manage all your cloud storage buckets and ship/write your data such as your log and event files to those bucket(s) to build your data lake repository, as described in Traditional Log Shipping .
When you configure ChaosSearch to index those important log and event files, an important step is for you to create:
- An IAM role for ChaosSearch in your environment
- A policy that defines your cloud storage bucket(s) that ChaosSearch can list and read to find log and event files for indexing
- An association of that role and policy to provision ChaosSearch access
The topics in this section describe different methods that you can use to provision the ChaosSearch access. You could use IAM UIs for manual configuration, or automated provisioning apps like AWS CloudFormation or Terraform as scripted methods. Use the option that works best for your environment and practices.
These topics assume that you have experience working with your cloud-service provider, creating buckets, and using the IAM administrative tools or programmatic options to create and manage its resources. ChaosSearch Customer Success can also help you with these procedures if needed.
Updated 3 months ago