-
Log onto AWS and navigate to the IAM policy panel
-
Create a IAM Policy
-
Write a name and description for the policy, paste in the below policy document, then create the policy by clicking the button in the lower right corner.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "EC2Policies",
"Action": [
"ec2:AllocateAddress",
"ec2:AssociateAddress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:CreateSecurityGroup",
"ec2:ImportKeyPair",
"ec2:CreateTags",
"ec2:CreateSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:DescribeAddresses",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSubnets",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:RunInstances",
"ec2:DeleteKeyPair"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Sid": "CloudwatchPolicies",
"Action": [
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Sid": "IAMPolicies",
"Action": [
"iam:CreateServiceLinkedRole"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
- You should see a confirmation screen similar to the below:
-
Navigate to the IAM User panel
-
Add a user name, select the
programmatic accessaccess type. Then click theNext: Permissionsbutton
-
Set the permissions for the IAM User by attaching the policy created above.
-
Review the changes, the click the
Create Userbutton
-
After the confirmation screen, download the
.csvfile — you'll use it when setting up your VPN.
