Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2e6db84
commit b58266e
Showing
10 changed files
with
66 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
--- | ||
title: Creating IAM Users | ||
--- | ||
|
||
## <a id="create"></a> Creating new use user | ||
|
||
1. Log into the AWS console: [https://console.aws.amazon.com/console/home](https://console.aws.amazon.com/console/home). | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/account-dashboard.png") %> | ||
|
||
1. Click your account name and select **Security Credentials**. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/security-credentials-menu.png") %> | ||
|
||
1. If the AWS IAM confirmation box is presented, click **Get Started with IAM Users** to go to IAM Users management page. Alternatively go directly to [users list](https://console.aws.amazon.com/iam/home#users). | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/iam-modal.png") %> | ||
|
||
1. Click **Create New Users** button. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/list-iam-users.png") %> | ||
|
||
1. Enter a descriptive name for a new user, make sure that access keys will be generated for each user and click **Create** button. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/create-iam-users.png") %> | ||
|
||
1. Record **Access Key ID** and **Secret Access Key** for later use. Click **Close** link to get back to the list of users. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/get-iam-creds.png") %> | ||
|
||
1. Click on a new user from the list of users. | ||
|
||
1. Click on **Inline Policies** panel and choose to create a new inline policy. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/attach-iam-policy.png") %> | ||
|
||
1. Add a policy configuration for the chosen user and click **Apply Policy**. | ||
|
||
<%= image_tag("images/deploy-microbosh-to-aws/add-iam-inline-policy.png") %> | ||
|
||
For example your aws-cpi's inline policy allows full EC2 and ELB access: | ||
|
||
```yaml | ||
{ | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Sid": "Stmt1448388791000", | ||
"Effect": "Allow", | ||
"Action": [ "ec2:*" ], | ||
"Resource": [ "*" ] | ||
}, | ||
{ | ||
"Sid": "Stmt1448389431000", | ||
"Effect": "Allow", | ||
"Action": [ "elasticloadbalancing:*" ], | ||
"Resource": [ "*" ] | ||
} | ||
] | ||
} | ||
``` | ||
|
||
<p class="note">Note: It's highly encouraged to set very restrictive policy to limit unncessary access.</p> |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters