Creating the IAM, Policy and Role for the Portal
  • 1 Minute to read
  • Dark
    Light
  • PDF

Creating the IAM, Policy and Role for the Portal

  • Dark
    Light
  • PDF

Article summary

To set up the Amazon EC2 instance, go through the following sections in order. If you are using Amazon EC2 for the first time, sign up for an Amazon Web Services (AWS) account. Optionally, you can also sign up for an AWS Identity and Access Management (IAM) user account. Amazon recommends using IAM to control access to your EC2 instances, as well as other AWS resources.

Obtaining the Latest CTERA Portal Amazon Machine Image (AMI)

To obtain the latest AMI:

  • Contact CTERA Support, and request the latest Amazon Machine Image (AMI).

    • Provide CTERA Support with your Amazon account number.
    • Provide CTERA Support with the AWS region where you are planning to install the CTERA Portal instance.

    CTERA Support will then share their latest AMI with your account.

Setting CTERA Portal Resource Access in IAM

Running CTERA Portal on AWS requires an Amazon Identity Access Management (IAM) user account with sufficient privileges for accessing AWS EC2 and S3 resources.

To set CTERA Portal resource access in IAM:

  1. From your Amazon Web Services account, sign in to the AWS Management Console and select Services.
  2. Under the Security, Identity, & Compliance service, select IAM.
  3. In the navigation pane, click Access management > Policies.
    The Policies window is displayed.
  4. Click Create policy.
    The Create policy window is displayed.
  5. Select the JSON tab and paste the following policy document into the Policy Document area:
    {"Version": "2012-10-17",
          "Statement": [{
            "Effect": "Allow",
            "Action": [
                "ec2:AttachVolume",
                "ec2:DescribeVolumes",
                "ec2:DetachVolume",
                "ec2:CreateSnapshot",
                "ec2:DeleteSnapshot",
                "ec2:DescribeSnapshots",
                "s3:CreateBucket",
                "s3:ListBucket",
                "s3:GetObject",
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:GetBucketLocation",
                "s3:ListAllMyBuckets"
            ],
            "Resource": [
                "*"
            ]
        }]
    }
    
  6. Click Next through the wizard until you can enter a name for the policy and enter a name and click Create policy.
  7. In the navigation pane, click Access management > Roles.
    The Roles window is displayed.
  8. Click Create role.
    The Create role window is displayed.
  9. Under the AWS service option, under Use Case, choose EC2 and click Next.
  10. Select both the policy created and the AmazonSSMFullAccess policy.
    Note

    You can search for this policy and then select it.

  11. Click Next.
  12. Enter a name for the role and, optionally, click Add new tag to add a tag for the role.
    Key – A name for the tag.
    Value - optional – The policy name from step 7.
  13. Click Create role.

Was this article helpful?

ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence