Set the AmazonSNS permission in AWS

You need to edit permissions in your AWS account before you integrate Sophos Cloud Optix with Amazon SNS.

Note You must locate the Sophos Cloud Optix read-only IAM role in AWS. Depending on when your AWS environments were added to Sophos Cloud Optix, this may be called Sophos-Optix-role or Avid-Role.

You can edit the permissions in one of the following ways.

Attach an AWS managed policy to the role

  1. In your AWS console, go to your AWS account.
  2. Go to Roles and select the Sophos Cloud Optix read-only IAM role.
  3. Select Attach Policy, search for "AmazonSNSFullAccess" and attach it.

Create a new policy and attach it to the role

  1. In your AWS console, go to your AWS account.
  2. Go to Roles and select the Sophos Cloud Optix read-only IAM role.
  3. Select Attach Policy and click Create Policy.
  4. In the policy:
    • In Service, select SNS.
    • In Action, under Write select Publish.
    • In Resource, click Specific and click Add ARN. Add Account-Id, Region and Topic Name.
  5. Name the policy and click Create.
  6. In the Attach screen, search for the policy you've just created, and attach it to the role.

Create an inline policy

  1. In your AWS console, go to your AWS account.
  2. Go to Roles and select the Sophos Cloud Optix read-only IAM role.
  3. Click Add Inline Policy.
  4. In the policy:
    • In Service, select SNS.
    • In Action, under Write select Publish.
    • In Resource, click Specific and click Add Arn. Add Account-Id, Region and Topic Name.
  5. Name the policy and click Create.