Provision an IAM user
Provision an IAM user
- If you do not have an IAM user, you will create an IAM user.
- Then download Access key to use CLI
- Then we will create policy.
- We will configure the policy as follows:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "CodeDeployAccessPolicy",
"Effect": "Allow",
"Action": [
"autoscaling:*",
"codedeploy:*",
"ec2:*",
"lambda:*",
"ecs:*",
"elasticloadbalancing:*",
"iam:AddRoleToInstanceProfile",
"iam:AttachRolePolicy",
"iam:CreateInstanceProfile",
"iam:CreateRole",
"iam:DeleteInstanceProfile",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:GetInstanceProfile",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:ListInstanceProfilesForRole",
"iam:ListRolePolicies",
"iam:ListRoles",
"iam:PutRolePolicy",
"iam:RemoveRoleFromInstanceProfile",
"s3:*",
"ssm:*"
],
"Resource": "*"
},
{
"Sid": "CodeDeployRolePolicy",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": "arn:aws:iam::account-ID:role/CodeDeployServiceRole"
}
]
}
- Check again and then enter the policy name, select Create policy