/
AWS GovCloud and SQS Collectors
AWS GovCloud and SQS Collectors
- Laszlo Frazer
Owned by Laszlo Frazer
[ 1 Requirements ] [ 2 Example Collector Configuration ]
Requirements
FedRAMP customers who access Devo through devogov.us should send data from their AWS GovCloud partition account to Devo using the SQS collector with cross account roles.
To send data from any non-GovCloud partition to devogov.us, use access key authentication.
GovCloud configuration must be applied to every policy and configuration file.
Field | GovCloud value | Non-GovCloud value |
|---|---|---|
Partition |
| aws |
Devo’s AWS account |
| 837131528613 |
Devo’s Role |
| arn:aws:iam::476382791543:role/devo-xaccount-cc |
The aws_base_account_role line must be included in the configuration of GovCloud SQS collectors. It may be omitted in other SQS collectors.
Example Collector Configuration
{
"inputs": {
"sqs_collector": {
"base_url": "https://sqs.us-gov-west-1.amazonaws.com/012345678901/examplesqs",
"credentials": {
"aws_base_account_role": "arn:aws-us-gov:iam::210253767148:role/devo-xaccount-cc",
"aws_cross_account_role": "arn:aws-us-gov:iam::012345678901:role/examplesqs",
"aws_external_id": "child@parent.collector.devogov.us"
},
"id": "12345",
"region": "us-gov-west-1",
"services": {
"aws_sqs_waf": {}
}
}
}
}, multiple selections available,
Related content
AWS GovCloud and SQS Collectors
AWS GovCloud and SQS Collectors
More like this
Parameters for Custom SQS Collectors
Parameters for Custom SQS Collectors
More like this
Parameters for Custom SQS Collectors
Parameters for Custom SQS Collectors
More like this
Authorize SQS Data Access
Authorize SQS Data Access
More like this
AWS SQS collector
AWS SQS collector
More like this
Access Key and Secret Authentication for AWS SQS
Access Key and Secret Authentication for AWS SQS
More like this