Creating the IAM, Policy and Role for the Portal
  • 16 Nov 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Creating the IAM, Policy and Role for the Portal

  • Dark
    Light
  • PDF

To set up the Amazon EC2 instance, go through the following sections in order. If you are using Amazon EC2 for the first time, sign up for an Amazon Web Services (AWS) account. Optionally, you can also sign up for an AWS Identity and Access Management (IAM) user account. Amazon recommends using IAM to control access to your EC2 instances, as well as other AWS resources.

Obtaining the Latest CTERA Portal Amazon Machine Image (AMI)

To obtain the latest AMI:

  • Contact CTERA Networks, and request the latest Amazon Machine Image (AMI).

    • Provide CTERA Networks with your Amazon account number.
    • Provide CTERA with the AWS region where you are planning to install the CTERA Portal instance.

    CTERA Networks will then share their latest AMI with your account.

Setting CTERA Portal Resource Access in IAM

Running CTERA Portal on AWS requires an Amazon Identity Access Management (IAM) user account with sufficient privileges for accessing AWS EC2 and S3 resources.

To set CTERA Portal resource access in IAM:

  1. From your Amazon Web Services account, sign in to the AWS Management Console and select Services.
  2. Under the Security, Identity, & Compliance service, select IAM.
  3. In the navigation pane, click Access management > Policies.
    The Policies window is displayed.
  4. Click Create policy.
    The Create policy window is displayed.
  5. Select the JSON tab and paste the following policy document into the Policy Document area:
{"Version": "2012-10-17",
      "Statement": [{
        "Effect": "Allow",
        "Action": [
            "ec2:AttachVolume",
            "ec2:CreateSnapshot",
            "ec2:DeleteSnapshot",
            "ec2:DescribeSnapshots",
            "ec2:DescribeVolumes",
            "ec2:DetachVolume"
        ],
        "Resource": [
            "*"
        ]
    },
    {"Sid": "Stmt1413831949000",
        "Effect": "Allow",
        "Action": [
            "s3:CreateBucket",
            "s3:DeleteObject",
            "s3:GetObject",
            "s3:ListAllMyBuckets",
            "s3:ListBucket",
            "s3:PutObject"
        ],
        "Resource": [
            "*"
        ]
    }]
}
  1. Click Next through the wizard until Review policy.
  2. Enter a name for the policy and click Create policy.
  3. In the navigation pane, click Access management > Roles.
    The Roles window is displayed.
  4. Click Create role.
    The Create role window is displayed.
  5. Under the AWS service option, under Use Case, choose EC2 and click Next.
  6. Select both the policy created in step 7 and the AmazonSSMFullAccess policy.
    Note

    You can search for this policy and then select it.

  7. Click Next.
  8. Enter a name for the role and, optionally, click Add tag to add a tag for the role.
    Key – A name for the tag.
    Value - optional – The policy name from step 7.
  9. Click Create role.

Was this article helpful?