Creating Roles - Kahuna915/Capstone-Cloud-Integration GitHub Wiki
- Select the Trusted Entity Type of role you would like to create. This will determine what the account will be able to perform (we are choosing AWS service).
- Select the Service in which you would like to use this role.
- Select the permissions for this role. In this case we are giving it full EC2 access so the role can be used to manage anything within EC2 and nothing else.
```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "ec2:*",
            "Effect": "Allow",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "elasticloadbalancing:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "cloudwatch:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "autoscaling:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "iam:CreateServiceLinkedRole",
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "iam:AWSServiceName": [
                        "autoscaling.amazonaws.com",
                        "ec2scheduled.amazonaws.com",
                        "elasticloadbalancing.amazonaws.com",
                        "spot.amazonaws.com",
                        "spotfleet.amazonaws.com",
                        "transitgateway.amazonaws.com"
                    ]
                }
            }
        }
    ]
}
```
- Name the role, give it a description, and select the Trusted Entities.
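Before attaching a policy like the one in the permissions step, it helps to list exactly which services it opens up and how broadly. The script below is an added example, not part of the original wiki or the project's code. It reviews that policy document (copied from the step above and compacted) and reports which services get every action on every resource with no condition. The function names `as_list`, `review` and `unrestricted_services` are hypothetical helpers introduced here.

```python
import json

# Policy document copied from the permissions step above, compacted.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Action": "ec2:*", "Effect": "Allow", "Resource": "*"},
  {"Effect": "Allow", "Action": "elasticloadbalancing:*", "Resource": "*"},
  {"Effect": "Allow", "Action": "cloudwatch:*", "Resource": "*"},
  {"Effect": "Allow", "Action": "autoscaling:*", "Resource": "*"},
  {"Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "*",
   "Condition": {"StringEquals": {"iam:AWSServiceName": [
     "autoscaling.amazonaws.com", "ec2scheduled.amazonaws.com",
     "elasticloadbalancing.amazonaws.com", "spot.amazonaws.com",
     "spotfleet.amazonaws.com", "transitgateway.amazonaws.com"]}}}
]}
""")

def as_list(value):
    """IAM lets Statement/Action/Resource be a single value or a list."""
    return value if isinstance(value, list) else [value]

def review(policy):
    """Return one finding per Allow statement: services granted and how broadly."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            continue  # Deny and NotAction statements are out of scope here
        actions = as_list(stmt["Action"])
        wildcard = any(a == "*" or a.endswith(":*") for a in actions)
        all_resources = "*" in as_list(stmt.get("Resource", []))
        conditioned = "Condition" in stmt
        findings.append({
            "services": sorted({a.split(":")[0] for a in actions}),
            "service_wide": wildcard,
            "all_resources": all_resources,
            "conditioned": conditioned,
            # Broadest grant: every action of a service, everywhere, no condition
            "unrestricted": wildcard and all_resources and not conditioned,
        })
    return findings

def unrestricted_services(policy):
    """Services for which the policy allows everything, unconditionally."""
    return sorted(s for f in review(policy) if f["unrestricted"] for s in f["services"])

if __name__ == "__main__":
    for finding in review(POLICY):
        print(finding)
    print("unrestricted:", unrestricted_services(POLICY))
```

For this policy the unrestricted set covers four services, not only EC2; the `iam:CreateServiceLinkedRole` statement is the only one narrowed by a condition.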