Configure Cloud Storage Access

As a born-in-the-cloud, native service, ChaosSearch uses your policies and IAM provisioning rules to index only the data in the buckets that you designate. All your data—raw source, ChaosSearch index data, and metadata configuration—remains in your cloud storage under your provisioning control.

You create and manage all your cloud storage buckets and ship/write your log/business data to those buckets to build your data lake repository, as described in Traditional Log Shipping .

When you configure ChaosSearch to index those important log and event files, an important step is for you to create:

• An IAM role for ChaosSearch in your environment
• A policy that defines your cloud storage bucket(s) that ChaosSearch can list and read to find log and event files for indexing
• An association of that role and policy to provision ChaosSearch access

The topics in this section describe different methods that you can use to provision the ChaosSearch access. You could use IAM UIs for manual configuration, or automated provisioning apps like AWS CloudFormation or Terraform as scripted methods. Use the option you prefer for your environment and practices.

These topics assume that you have experience working with your cloud-service provider, creating buckets, and using the IAM administrative tools or programmatic options to create and manage its resources. ChaosSearch Customer Success can also help you with these procedures as needed.