Connecting your Cloud to SenseDeep

To view your logs, you need to add an AWS cloud credential to SenseDeep.

Your AWS credentials should be for an IAM user that has access to your CloudWatch Logs. You can use credentials for an existing IAM user if you wish, but we recommend that you create a dedicated IAM user using the IAM role described below which has with minimal privilege.

Creating an IAM Managed Policy

To create an IAM policy with permission to your log files, run the AWS console by following this link:$new?step=edit

Policy Create

Select the "JSON" tab and paste the policy below into the text area.

  "Version": "2012-10-17",
  "Statement": [{
      "Sid": "SenseDeepAccess",
      "Action": [
      "Resource": "*",
      "Effect": "Allow"

This policy grants access to AWS logs and streams and to manage AWS logs groups and retention settings.

Policy JSON

Click "Review Policy" and give the policy the name "SenseDeepPolicy" and a suitable description. Then click "Create Policy".

Policy Naming

Creating an IAM User

Next create an IAM user that will utilize that policy by following this link:$new?step=details

User Create

Enter the user name "SenseDeepUser" and click "Programatic Access" and then click "Next".

User Attach Policy

Select "Attach Existing Policies directly" and enter "SenseDeepPolicy" in the "Filter Policies" box and then select the policy checkbox and click "Next".

User Review

Review and click "Create user".

User Review

Click "Download .csv" to download your Access and Secret Keys or cut and paste directly from the screen. You will enter these keys in the SenseDeep "Add Cloud" dialog.

© SenseDeep® LLC. All rights reserved. Privacy Policy and Terms of Use.


This web site uses cookies to provide you with a better viewing experience. Without cookies, you will not be able to view videos, contact chat or use other site features. By continuing, you are giving your consent to cookies being used.