16 Oct 2024
04:15 PM
- last edited on
17 Oct 2024
08:44 AM
by
MaciejNeumann
Hi,
We would like to create a policy to execute DQL queries only to read SQL extension logs.
Do you know which IAM policies are required to limit query only to those logs?
This is not working:
ALLOW storage:buckets:read WHERE storage:bucket-name = "dt_system_events";
ALLOW storage:system:read WHERE storage:event.provider = "com.dynatrace.extension.sql-server";
Thank you!
Best regards
16 Oct 2024 11:49 PM
Hi @AntonPineiro , can you please try changing your second policy statement as below and see if that helps?
ALLOW storage:buckets:read WHERE storage:bucket-name = "dt_system_events";
ALLOW storage:logs:read WHERE storage:log.source = "com.dynatrace.extension.sql-server";