Change comment:
added IAM roles for user permission
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. VincentMassol1 +XWiki.Sanchita1411 - Content
-
... ... @@ -65,6 +65,22 @@ 65 65 66 66 Here we will be using an IAM role with the least privileged access. We will not store SSH keys, secret keys, or access keys on the provisioned instances. A security group acts as a firewall that controls the traffic for one or more instances. When we launch an instance, we associate one or more security groups with the instance. we add rules to each security group that allows traffic to or from its associated instances. Here we will configure the security group to have inbound access to TCP 22 (permission to allow SSH from the internet), TCP 80 (permission to allow HTTP access from the internet), TCP 443 (permission to allow HTTPS access from the internet), and also will allow port 8080 access. 67 67 68 +Here's a list of the IAM policies and roles required to run this deployment. If you are using an IAM user make sure to attach a minimum of these policies to your user. 69 + 70 +* AmazonRDSfullAccess 71 +* AmazonS3fullAccess 72 +* AmazonECS_FullAccess 73 +* AWSKeyManagementServicePowerUser 74 +* AWSCloudFormationFullAccess 75 +* EFSAII 76 +* IAMCreateRole 77 +* IAMDeleteRole 78 +* IAMGetRole 79 +* IAMRolePolicy 80 +* KMSAII 81 +* KMSPutKeyPolicy 82 +* SecretsAll 83 + 68 68 = Additional Resources = 69 69 70 70 * [[Amazon EC2>>url:https://aws.amazon.com/documentation/ec2/]] ... ... @@ -77,4 +77,3 @@ 77 77 * [[Elastic Load Balancing>>url:https://aws.amazon.com/documentation/elastic-load-balancing/]] 78 78 * [[Amazon CloudFront>>url:https://aws.amazon.com/documentation/cloudfront/]] 79 79 * [[Amazon Route 53>>url:https://aws.amazon.com/documentation/route53/]] 80 -