This update applies to deployments configured using automatic mode, and outlines the changes to the IAM policy required for this deployment mode. The IAM policy required for manual deployments had been previously updated.
To support a change made by Amazon Web Services (AWS), Fortra's Alert Logic is transitioning to Launch Templates for Automatic mode deployments. This change requires customers to update the IAM role used by Alert Logic to include new permissions related to Launch Templates. Automatic mode deployments previously used Launch Configurations, which will no longer be supported by AWS for new accounts created after January 1, 2024.
Note: Existing deployments and AWS accounts are not affected by this change and will continue to function; however, new AWS deployments will need the updated permissions to be successful.
Updated IAM Role Policy
In preparation for this change, an updated policy document will be released on December 7, 2023, which can be used to update the IAM role in AWS. Once the new policy document is released, you will see a remediation in the Alert Logic console indicating your policy is out of date until you update the IAM role.
To update the AWS IAM role using the new policy document, follow the steps in our Update AWS IAM Roles documentation. Alert Logic recommends updating your policy as soon as possible to clear the related remediation and avoid issues with any future deployments.
New Permissions for AWS Launch Templates
When using the new policy, the following permissions will be added to the IAM role to support the use of Launch Templates:
These permissions are required for automatic mode deployments to be successful.
- Alert Logic documentation regarding AWS deployment types, including information about automatic and manual deployment
- AWS Launch Configuration User Guide
- General information from AWS regarding migration to launch templates