AWS Security Operations: Difference between revisions

From NovaOrdis Knowledge Base
Line 69: Line 69:


Trusted entities AWS service: ecs.amazonaws.com
Trusted entities AWS service: ecs.amazonaws.com
For ECS: "AWS service: ecs-tasks"


Policies: ?
Policies: ?
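Review bot: the added line 'For ECS: "AWS service: ecs-tasks"' gives a second trusted entity directly under 'Trusted entities AWS service: ecs.amazonaws.com', which already reads as the ECS entry, so a reader cannot tell which principal belongs to which ECS role. Suggest saying what distinguishes the two cases and writing the new value in the same full form as the line above it. 'Policies: ?' is still an open question in the same block and would be worth resolving in this revision.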

Revision as of 01:09, 6 February 2019




In process of being migrated from https://home.feodorov.com:9443/wiki/Wiki.jsp?page=AmazonSecurity


Internal

Setting AWS Credentials


Create a Key Pair

Amazon AWS instance access key pairs are explained here.

External reference for the procedures to create (or import) a key pair: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html#create-a-key-pair

This procedure describes how to create the em provisioning key pair:

Go to the EC2 console https://us-west-2.console.aws.amazon.com/ec2/v2/home.

Left tab -> Network and Security -> Key Pairs -> Create Key Pair

The key is created and the file containing the private key is automatically downloaded by your browser. The base file name is the name you specified as the name of your key pair, and the file name extension is .pem. Save the private key file in a safe place.

Create a Security Group

Create a Security Group http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html#create-a-base-security-group

List the Security Groups

EC2 Console -> Resources -> Security Groups.

IAM Operations

Create an IAM User

Creating an IAM user:

Creating an IAM User in Your AWS Account

Create an IAM Group

Creating an IAM group:

Creating IAM Groups

Create an IAM Role

Creating an IAM role:

Creating IAM Role

Go to IAM Console: https://us-west-2.console.aws.amazon.com/iam/home#roles -> Create Role

Select type of trusted entity: AWS service

Choose the service that will use this role: Elastic Container Service

Select your use case: Elastic Container Service: Allows ECS to create and manage AWS resources on your behalf.

Next: Permissions

Role name: playground-themyscira

Role description: Allows ECS to create and manage AWS resources on your behalf.

Trusted entities AWS service: ecs.amazonaws.com

For ECS: "AWS service: ecs-tasks"

Policies: ?

Permissions boundary: Permissions boundary is not set
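
The trusted entity selected in the steps above ends up in the role's trust policy. As an added example (not from the original page), this Python code lists the principals a trust policy allows and flags anything beyond the services you expect. The sample policy is constructed, and the full principal name ecs-tasks.amazonaws.com for the page's "ecs-tasks" is an assumption.

```python
import json

# Constructed sample: a trust policy that trusts both ECS principals noted above
# (full service-principal names are assumed, the page only says "ecs-tasks").
SAMPLE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": ["ecs.amazonaws.com", "ecs-tasks.amazonaws.com"]},
        "Action": "sts:AssumeRole",
    }],
})

def as_list(value):
    """IAM accepts either a single value or a list in most policy fields."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def trusted_principals(policy_json):
    """Return (kind, principal) pairs from every Allow statement."""
    found = []
    for stmt in as_list(json.loads(policy_json).get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # shorthand that trusts any principal
            principal = {"*": "*"}
        for kind, values in principal.items():
            found.extend((kind, v) for v in as_list(values))
    return found

def audit_trust_policy(policy_json, expected_services):
    """Return findings; an empty list means only the expected services are trusted."""
    findings = []
    for kind, value in trusted_principals(policy_json):
        if value == "*":
            findings.append(f"wildcard principal under {kind!r}")
        elif kind != "Service":
            findings.append(f"non-service principal {kind}: {value}")
        elif value not in expected_services:
            findings.append(f"unexpected service principal: {value}")
    return findings

if __name__ == "__main__":
    for finding in audit_trust_policy(SAMPLE_TRUST_POLICY, {"ecs-tasks.amazonaws.com"}):
        print(finding)
```
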

Managing IAM Policies


Create an IAM Policy

IAM Policies.

Creating IAM Policies

Edit an IAM Policy

Editing IAM Policies