AWS

Connect Cased to AWS to manage and monitor your cloud infrastructure

Setup Steps

1. In your AWS Management Console go to the IAM service

2. Create IAM Policy under Policies create a new policy in the JSON editor.

3. Paste this JSON into the policy editor and name is CasedPolicy.

   CasedPolicy

   {
     "Version": "2012-10-17",
     "Statement": [
       {
         "Effect": "Allow",
         "Action": [
           "autoscaling:Describe*",
           "cloudformation:Describe*",
           "cloudformation:ListStacks",
           "cloudfront:ListDistributions",
           "cloudtrail:DescribeTrails",
           "cloudtrail:GetTrail",
           "cloudtrail:GetTrailStatus",
           "cloudtrail:LookupEvents",
           "cloudwatch:GetMetricData",
           "cloudwatch:GetMetricStatistics",
           "cloudwatch:GetMetricWidgetImage",
           "cloudwatch:ListMetrics",
           "dynamodb:DescribeTable",
           "dynamodb:ListTables",
           "ec2:DescribeInstances",
           "ec2:DescribeNetworkInterfaces",
           "ec2:DescribeSecurityGroups",
           "ec2:DescribeSubnets",
           "ec2:DescribeVpcs",
           "ecs:DescribeClusters",
           "ecs:DescribeServices",
           "ecs:DescribeTaskDefinition",
           "ecs:DescribeTasks",
           "ecs:ListClusters",
           "ecs:ListServices",
           "ecs:ListTasks",
           "ecr:DescribeRepositories",
           "ecr:GetLifecyclePolicy",
           "ecr:GetRegistryScanningConfiguration",
           "ecr:GetRepositoryPolicy",
           "ecr:ListImages",
           "ecr:ListTagsForResource",
           "eks:ListClusters",
           "eks:DescribeCluster",
           "eks:ListNodegroups",
           "elasticache:Describe*",
           "elasticache:ListTagsForResource",
           "elasticbeanstalk:DescribeEnvironments",
           "elasticloadbalancing:DescribeLoadBalancers",
           "iam:GetPolicy",
           "iam:GetPolicyVersion",
           "iam:GetRole",
           "iam:ListAttachedRolePolicies",
           "iam:ListPolicies",
           "iam:ListRoles",
           "iam:ListUsers",
           "kms:DescribeKey",
           "kms:ListKeys",
           "lambda:ListFunctions",
           "logs:DescribeLogStreams",
           "logs:DescribeLogGroups",
           "logs:GetLogEvents",
           "logs:FilterLogEvents",
           "rds:DescribeDBInstances",
           "rds:DescribeDBSnapshots",
           "rds:DescribeEvents",
           "rds:ListTagsForResource",
           "s3:GetBucketLifecycleConfiguration",
           "s3:GetBucketLocation",
           "s3:GetBucketPublicAccessBlock",
           "s3:GetBucketTagging",
           "s3:GetBucketVersioning",
           "s3:GetEncryptionConfiguration",
           "s3:GetObject",
           "s3:ListAllMyBuckets",
           "s3:ListBucket",
           "sns:ListSubscriptions",
           "sns:ListTopics",
           "sqs:ListQueues"
         ],
         "Resource": "*"
       }
     ]
   }

   Note

   The policy grants read-only access to common AWS services. This allows Cased to:

   • List and describe EC2 instances
   • View CloudWatch metrics
   • Access CloudTrail logs
   • List resources in ECS, RDS, and other services

   No write permissions are included in this policy.

4. Create IAM Role

   • Open IAM in AWS Console
   • Go to Roles → Create role
   • Choose “AWS account” as trusted entity type
   • Enter Cased account ID: 495860673956
   • Attach the policy you created
   • Name the role (e.g., CasedRole)

5. Almost done! Configure Cased:

   • Copy your Role ARN from the role summary page
   • Format: arn:aws:iam::<YOUR_ACCOUNT_ID>:role/CasedRole
   • Paste the ARN in Cased’s AWS connection settings
   • Select your AWS region