In order to use infrastructure integrations, you need to grant New Relic permission to read the relevant data from your account. Amazon Web Services (AWS) uses managed policies to grant these permissions.
Recommendation: Grant an account-wide
ReadOnlyAccess managed policy from AWS. AWS automatically updates this policy when new services are added or existing services are modified. New Relic infrastructure integrations have been designed to function with
ReadOnlyAccess policies. For instructions, see Connect AWS integrations to infrastructure.
Exception: The Trusted Advisor integration is not covered by the
ReadOnlyAccess policy. It requires the additional
AWSSupportAccess managed policy. This is also the only integration that requires full access permissions (
support:*) in order to correctly operate. We notified Amazon about this limitation. Once it's resolved we'll update documentation with more specific permissions required for this integration.
If you cannot use the
ReadOnlyAccess managed policy from AWS, you can create your own customized policy based on the list of permissions. This allows you to specify the optimal permissions required to fetch data from AWS for each integration. While this option is available, it is not recommended because it must be manually updated when you add or modify your integrations.
New Relic has no way of identifying problems related to custom permissions. If you choose to create a custom policy, it is your responsibility to maintain it and ensure proper data is being collected.
Our CloudFormation template contains all the permissions for all our AWS integrations.
A user different than
root can be used in the managed policy.
To create your own policy using available permissions:
- Add the permissions for all integrations.
- Add permissions that are specific to the integrations you need
The following permissions are used by New Relic to retrieve data for specific AWS integrations:
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's data security and licenses documentation.