Skip to content

Manage AWS Accounts for Splunk Add-on for Amazon Web Services

Add and manage AWS Accounts

Perform the following steps to add an AWS account:

  1. On the Splunk Web home page, click Splunk Add-on for AWS in the left navigation bar.
  2. Click Configuration in the app navigation bar. The add-on displays the Account tab.
  3. Click Add.
  4. Name the AWS account. You cannot change this name once you configure the account.
  5. Enter the Key ID and Secret Key credentials for the AWS account that the Splunk platform uses to access your AWS data. The accounts that you configure must have the necessary permissions to access the AWS data that you want to collect.
  6. Select the Region Category for the account. The most common category is **
  7. Click Add.

Edit existing accounts by clicking Edit in the Actions column.

Delete an existing account by clicking Delete in the Actions column. You cannot delete accounts that are associated with any inputs, even if those inputs are disabled. To delete an account, delete the inputs or edit them to use a different account and then delete the account.

Note

To use custom commands and alert actions, you must set up at least one AWS account on your Splunk platform deployment search head or search head cluster.

Add and manage AWS Private accounts

Private account configurations are for users who want to use regional or private endpoints for account validation.

Perform the following steps to add a private AWS account:

  1. On the Splunk Web home page, click Splunk Add-on for AWS in the left navigation bar.
  2. Click Configuration in the app navigation bar. The add-on displays the Account tab.
  3. Click the Private Account tab.
  4. Click Add.
  5. Name the AWS private account. You cannot change this name once you configure the account.
  6. Enter the Key ID and Secret Key credentials for the AWS account that the Splunk platform uses to access your AWS data. The accounts that you configure must have the necessary permissions to access the AWS data that you want to collect.
  7. Select the Region Category for the private account. The most common category is Global.
  8. Select the Region you want o use for regional endpoints to authenticate account credentials.
  9. (Optional) To use private endpoints for account validation, click the Use Private Endpoints checkbox and enter the private endpoint URL of your AWS Security Token Service (STS). This step is only required if you have specific requirements for your private endpoints.
  10. Click Add.

Edit existing private accounts by clicking Edit in the Actions column of the Private Account tab.

Delete an existing private account by clicking Delete in the Actions column. You cannot delete private accounts that are associated with any inputs, even if those inputs are disabled. To delete a private account, delete the inputs or edit them to use a different account or private account and then delete the private account.