AWS Identity and Access Management (IAM) is a web service that helps to securely control user access to AWS resources through authentication and authorization. For more information on IAM, refer to Using IAM.

An IAM role is required to launch an SBC HA instance in AWS. The minimum policy required for that IAM role is shown below.

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "ec2:AllocateAddress",
            "ec2:AssignPrivateIpAddresses",
            "ec2:AssociateAddress",
            "ec2:AttachNetworkInterface",
            "ec2:DisassociateAddress",
            "ec2:DescribeInstances",
            "ec2:DescribeNetworkInterfaces"
         ],
         "Resource": "*"
      }
   ]
}

For more information on creating and using IAM roles and policies, refer to AWS online documentation at IAM Roles and IAM Policies.

1. Create an IAM policy whose name uses only alphanumeric characters and '+=,.@-_'.
2. Create an IAM role whose name uses only alphanumeric characters and '+=,.@-_' (for instance “swe_1role”).
3. In the CFN template, remove or modify the "AllowedPattern" for IAMRole so that it supports these characters.
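
The following Python script is an added example, not part of the original page or the product's tooling. It audits a policy document against the seven-action minimum shown above and checks a role or policy name against the character set in the steps. The function names and the SAMPLE policy are constructed for illustration, and Deny, NotAction and Condition elements are not evaluated.

```python
import fnmatch
import re

# The seven actions in the minimum policy shown on this page.
REQUIRED = {
    "ec2:AllocateAddress", "ec2:AssignPrivateIpAddresses",
    "ec2:AssociateAddress", "ec2:AttachNetworkInterface",
    "ec2:DisassociateAddress", "ec2:DescribeInstances",
    "ec2:DescribeNetworkInterfaces",
}
# Character set named in the steps: alphanumeric plus +=,.@-_
NAME_RE = re.compile(r"[A-Za-z0-9+=,.@_-]+")

def as_list(value):
    """IAM allows Statement and Action to be a single item or a list."""
    return value if isinstance(value, list) else [value]

def allowed_patterns(policy):
    """Collect the Action patterns of every Allow statement."""
    patterns = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") == "Allow" and "Action" in stmt:
            patterns += as_list(stmt["Action"])
    return patterns

def audit(policy):
    """Return (required actions not granted, grants beyond the minimum)."""
    patterns = [p.lower() for p in allowed_patterns(policy)]
    required = {a.lower(): a for a in REQUIRED}
    # IAM action matching is case-insensitive and supports * and ? wildcards.
    missing = sorted(orig for low, orig in required.items()
                     if not any(fnmatch.fnmatchcase(low, p) for p in patterns))
    excess = sorted(p for p in allowed_patterns(policy) if p.lower() not in required)
    return missing, excess

def valid_name(name):
    """True if the role or policy name uses only the permitted characters."""
    return NAME_RE.fullmatch(name) is not None

# Constructed sample: a policy that is both too narrow and too broad.
SAMPLE = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow",
    "Action": ["ec2:Describe*", "ec2:AssociateAddress", "s3:GetObject"],
    "Resource": "*"}}

if __name__ == "__main__":
    print(audit(SAMPLE))
    print(valid_name("swe_1role"), valid_name("swe role!"))
```

An empty first list means the role can perform every action in the minimum policy; any entry in the second list is a grant wider than the minimum and worth reviewing before the role is attached.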

 
