Skip to main content

Prerequisites

  • An AWS account with the services you want to monitor (CloudWatch, RDS, S3)
  • Permissions to create IAM roles and policies in your AWS account

Step-by-Step Setup

1. Navigate to Integrations

In your Corelayer dashboard, go to the Integrations page.

2. Add AWS Integration

Click the Add Integration button and select AWS from the list of available integrations.

3. Select Services

Choose which AWS services you want Corelayer to monitor:
  • CloudWatch — Log group monitoring and analysis
  • RDS — Database instance monitoring
  • S3 — Bucket access for relevant data

4. Enter Your AWS Account Number

Provide your 12-digit AWS account number. Corelayer will generate an external ID for secure cross-account access.

5. Create the IAM Policy

Corelayer will provide a JSON policy document. Create this policy in your AWS IAM console:
  1. Go to IAM > Policies > Create Policy
  2. Select the JSON tab
  3. Paste the provided policy document
  4. Name the policy (e.g., CorelayerPolicy)

6. Create the IAM Role

Create an IAM role for Corelayer to assume:
  1. Go to IAM > Roles > Create Role
  2. Select Custom trust policy
  3. Paste the trust policy provided by Corelayer (includes the external ID)
  4. Attach the policy you created in the previous step
  5. Name the role (e.g., CorelayerRole)

7. Enter the Role ARN

Copy the ARN of the role you created and paste it into the Corelayer setup form. Click Test Connection to verify access.

8. Select Resources

Once connected, select the specific resources you want Corelayer to monitor:
  • CloudWatch Log Groups — Choose which log groups to include
  • RDS Instances — Select database instances to monitor
  • S3 Buckets — Pick buckets relevant to your services

9. Add AWS Resources to Your Service Maps

When configuring your Corelayer Service Maps, select which AWS resources are relevant to each service.

What Corelayer Can Do With AWS

Once connected, Corelayer will:
  • Monitor CloudWatch log groups for errors and anomalies
  • Query RDS database instances to gather context during debugging
  • Access S3 buckets for configuration and data context
  • Correlate AWS resource data with other integrations to identify root causes

Managing Your Integration

Disconnecting

To disconnect your AWS integration:
  1. Navigate to Settings > Integrations
  2. Find your AWS integration and click Uninstall
  3. Confirm the uninstallation
  4. Optionally, delete the IAM role and policy from your AWS account

Troubleshooting

Integration Not Working?

  • Verify the IAM role ARN is correct
  • Ensure the trust policy includes the correct external ID
  • Check that the IAM policy grants the required permissions
  • Confirm the role can be assumed by Corelayer’s AWS account
  • Verify the selected resources exist and are accessible
Need help? Contact support for assistance with your AWS integration.