Temporary credentials Configuring CloudWatch logging

Generating IAM credentials and configuring CloudWatch logging

The DRSFA client requires AWS credentials to operate.

Important

Temporary credentials are the recommended option. They do not require rotation, cannot be reused after expiration, and provide enhanced security. You can specify how long they remain valid, up to a maximum limit.

Temporary credentials

To create temporary credentials:

Create a new IAM Role with the AWSElasticDisasterRecoveryFailbackInstallationPolicy policy.
Request temporary security credentials through AWS STS using the AssumeRole API.

Configuring CloudWatch logging

After generating credentials, create a CloudWatch log group named DRS_Mass_Failback_Automation. If this log group does not exist or has the wrong name, the DRSFA client still works but does not send logs to CloudWatch. Learn more about working with log groups in the Amazon CloudWatch Logs documentation.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Installing the DRSFA Client

Running the DRSFA client