Skip to content

Commit

Permalink
iam users
Browse files Browse the repository at this point in the history
  • Loading branch information
@cppforlife
cppforlife committed Nov 24, 2015
1 parent 2e6db84 commit b58266e
Show file tree
Hide file tree
Showing 10 changed files with 66 additions and 21 deletions.
63 changes: 63 additions & 0 deletions aws-iam-users.html.md.erb
View file
@@ -0,0 +1,63 @@
---
title: Creating IAM Users
---

## <a id="create"></a> Creating new use user

1. Log into the AWS console: [https://console.aws.amazon.com/console/home](https://console.aws.amazon.com/console/home).

<%= image_tag("images/deploy-microbosh-to-aws/account-dashboard.png") %>

1. Click your account name and select **Security Credentials**.

<%= image_tag("images/deploy-microbosh-to-aws/security-credentials-menu.png") %>

1. If the AWS IAM confirmation box is presented, click **Get Started with IAM Users** to go to IAM Users management page. Alternatively go directly to [users list](https://console.aws.amazon.com/iam/home#users).

<%= image_tag("images/deploy-microbosh-to-aws/iam-modal.png") %>

1. Click **Create New Users** button.

<%= image_tag("images/deploy-microbosh-to-aws/list-iam-users.png") %>

1. Enter a descriptive name for a new user, make sure that access keys will be generated for each user and click **Create** button.

<%= image_tag("images/deploy-microbosh-to-aws/create-iam-users.png") %>

1. Record **Access Key ID** and **Secret Access Key** for later use. Click **Close** link to get back to the list of users.

<%= image_tag("images/deploy-microbosh-to-aws/get-iam-creds.png") %>

1. Click on a new user from the list of users.

1. Click on **Inline Policies** panel and choose to create a new inline policy.

<%= image_tag("images/deploy-microbosh-to-aws/attach-iam-policy.png") %>

1. Add a policy configuration for the chosen user and click **Apply Policy**.

<%= image_tag("images/deploy-microbosh-to-aws/add-iam-inline-policy.png") %>

For example your aws-cpi's inline policy allows full EC2 and ELB access:

```yaml
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1448388791000",
"Effect": "Allow",
"Action": [ "ec2:*" ],
"Resource": [ "*" ]
},
{
"Sid": "Stmt1448389431000",
"Effect": "Allow",
"Action": [ "elasticloadbalancing:*" ],
"Resource": [ "*" ]
}
]
}
```

<p class="note">Note: It's highly encouraged to set very restrictive policy to limit unncessary access.</p>
Binary file added images/deploy-microbosh-to-aws/add-iam-inline-policy.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/attach-iam-policy-expanded.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/attach-iam-policy.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/create-iam-users.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/get-iam-creds.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/iam-modal.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/deploy-microbosh-to-aws/list-iam-users.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions index.html.md.erb
View file
Expand Up @@ -68,6 +68,7 @@ title: Index
* [AWS](aws-cpi.html)
* [Using IAM instance profiles](aws-iam-instance-profiles.html)
* [Using instance storage](aws-instance-storage.html)
* [Creating IAM users](aws-iam-users.html)
* [OpenStack](openstack-cpi.html)
* [Using Keystone v3 API](openstack-keystonev3.html)
* [Extended Registry configuration](openstack-registry.html)
Expand Down
23 changes: 2 additions & 21 deletions init-aws.html.md.erb
View file
Expand Up @@ -172,29 +172,10 @@ To configure your AWS account for MicroBOSH:
* [Create a Key Pair](#create-key-pair)
* [Create and Configure Security Group](#create-security)

---
### <a id="credentials"></a> Obtain AWS Credentials

Your AWS credentials consist of an Access Key ID and a Secret Access Key. If you already know your AWS credentials you can skip this step and replace `ACCESS-KEY-ID` and `SECRET-ACCESS-KEY` in your deployment manifest.

1. Log into the AWS console: [https://console.aws.amazon.com/console/home](https://console.aws.amazon.com/console/home).

<%= image_tag("images/deploy-microbosh-to-aws/account-dashboard.png") %>

1. Click your account name and select **Security Credentials**.

<%= image_tag("images/deploy-microbosh-to-aws/security-credentials-menu.png") %>

1. If the AWS IAM confirmation box is presented, click **Continue to Security Credentials** to display the Security Credentials page.

1. Expand the **Access Keys** section and click **Create New Access Key**.

<%= image_tag("images/deploy-microbosh-to-aws/security-credentials-dashboard.png") %>

1. Replace `ACCESS-KEY-ID` and `SECRET-ACCESS-KEY` in your deployment manifest with the **Access Key ID** and **Secret Access Key** shown.

<%= image_tag("images/deploy-microbosh-to-aws/access-keys-modal.png") %>

1. Close the dialog box.
Your AWS credentials consist of an Access Key ID and a Secret Access Key. Follow [Creating IAM Users](aws-iam-users.html#create) to create a new IAM user and replace `ACCESS-KEY-ID` and `SECRET-ACCESS-KEY` in your deployment manifest.

---
### <a id="create-vpc"></a> Create a Virtual Private Cloud (VPC)
Expand Down

0 comments on commit b58266e

Please sign in to comment.