<
From version < 1.11 >
edited by Vincent Massol
on 2021/08/26
To version < 1.12 >
edited by Sanchita Singh
on 2021/08/27
>
Change comment: added IAM roles for user permission

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.VincentMassol
1 +XWiki.Sanchita1411
Content
... ... @@ -65,6 +65,22 @@
65 65  
66 66  Here we will be using an IAM role with the least privileged access. We will not store SSH keys, secret keys, or access keys on the provisioned instances. A security group acts as a firewall that controls the traffic for one or more instances. When we launch an instance, we associate one or more security groups with the instance. we add rules to each security group that allows traffic to or from its associated instances. Here we will configure the security group to have inbound access to TCP 22 (permission to allow SSH from the internet), TCP 80 (permission to allow HTTP access from the internet), TCP 443 (permission to allow HTTPS access from the internet), and also will allow port 8080 access.
67 67  
68 +Here's a list of the IAM policies and roles required to run this deployment. If you are using an IAM user make sure to attach a minimum of these policies to your user.
69 +
70 +* AmazonRDSfullAccess
71 +* AmazonS3fullAccess
72 +* AmazonECS_FullAccess
73 +* AWSKeyManagementServicePowerUser
74 +* AWSCloudFormationFullAccess
75 +* EFSAII
76 +* IAMCreateRole
77 +* IAMDeleteRole
78 +* IAMGetRole
79 +* IAMRolePolicy
80 +* KMSAII
81 +* KMSPutKeyPolicy
82 +* SecretsAll
83 +
68 68  = Additional Resources =
69 69  
70 70  * [[Amazon EC2>>url:https://aws.amazon.com/documentation/ec2/]]
... ... @@ -77,4 +77,3 @@
77 77  * [[Elastic Load Balancing>>url:https://aws.amazon.com/documentation/elastic-load-balancing/]]
78 78  * [[Amazon CloudFront>>url:https://aws.amazon.com/documentation/cloudfront/]]
79 79  * [[Amazon Route 53>>url:https://aws.amazon.com/documentation/route53/]]
80 -

Get Connected