For a Lacework agent to retrieve the EC2 instance 'Name' tag, the EC2 instance must have permission to call DescribeTags. To provide the necessary permission, log in to the IAM service.
- Select [Policies]
- Click the [Create policy] button
- Select the JSON tab and replace the displayed policy with:
- Click the [Review policy] button
- Enter a policy name and description; click the [Create policy] button
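
The policy document for the JSON tab step is not reproduced on this page. The following is an added example, not Lacework's published policy: a minimal policy that grants only the DescribeTags permission named above. The `Sid` value is a constructed label, and `Resource` is `*` because `ec2:DescribeTags` does not support resource-level restrictions.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowDescribeTagsForAgent",
      "Effect": "Allow",
      "Action": "ec2:DescribeTags",
      "Resource": "*"
    }
  ]
}
```
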
After creating the policy, associate it with a role that can be attached to EC2 instances.
- Select [Roles]
- Click the [Create role] button
- Select [AWS service] and [EC2]; click the [Next: Permissions] button
- Search for your newly created policy, select it, and click the [Next: Review] button
- Enter a role name, optionally update the description, and click the [Create role] button
After creating the role and policy, navigate to the EC2 service and select the instance for which you want to retrieve the 'Name' tag.
Under Actions > Instance Settings > Attach/Replace IAM Role, enter the newly created IAM role and click the [Apply] button.
The next time the Lacework agent forwards data, you will see the 'Name' field populated.