Skip to main content

I’m aware there is a new Feature: SQS V2 to ingest logs to Google SecOps using Federated ID as stated in this update.

https://cloud.google.com/chronicle/docs/release-notes#May_26_2025

 

At the moment I’m using SQS and static keys and I’m interested in moving over to Federated IDs.  However,   I can’t seem to figure out how STS play a role here. Current documentation assumes  STS its already present.    Do I need to set STS before I can migrate over? if so how can I set up to ingest into my current Google SecOps instance.    I’ve opened a support ticket, look for docs to help me get this going.    Seems support its lost and so I’m. I can’t find clear docs on this.

Has anyone use STS + SQSv2 yet?  and or also looking into this?

 

Thanks in advance for any pointers in the right direction.

 

 

 

Are you using the documentation provided here? Feed Management API - AMAZON_SQS_V2

 

Thanks for the reply, much appreciated.

 Yeah. I’ve seen this doc.  Seems it assumes there is an STS running, 

quoting here:

Enable access to your Amazon S3 storage

This feed source uses the Storage Transfer Service (STS) to transfer data from Amazon S3 to Google SecOps. Before using this feed source, you may need to add the IP ranges used by STS workers to your list of allowed IPs

 

We don’t seem to have STS running afaik in our current Google Secops set up, so no idea then where I can get this IPs in the first place.  

 

Thanks,

Maybe start here (more on the GCP side of things) https://cloud.google.com/storage-transfer/docs/overview

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.