AWS Permissions Needed to Create a DynaCenter Instance from the AWS Marketplace
Reference Number: AA-00390 Views: 6528 Created: 07-11-2016 16:28 Last Updated: 08-14-2017 11:55

Applies To:

DynaCenter 6.5.0 and later

Background:

The AWS Marketplace provides an easy mechanism for installing DynaCenter into your Amazon environment. You must have the appropriate AWS permissions to create the DynaCenter instance from the AWS Marketplace; this article outlines the required AWS permissions.

More Information:

The following article provides information about creating an IAM user:

http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html

If you are installing DynaCenter from a DynaCenter Amazon Machine Image (AMI), see the following article for the appropriate permissions:

https://racemi.host4kb.com/article/AA-00419

If you want to integrate DynaCenter with the AWS Migration Hub, see the following article for the appropriate permissions:

https://racemi.host4kb.com/article/AA-00414

The following article provides information about the permissions needed to configure DynaCenter and migrate servers after the DynaCenter instance is created:

https://racemi.host4kb.com/article/AA-00386

Resolution:

The following sample policy outlines the minimum permissions needed to install DynaCenter from the AWS Marketplace.

Sample Policy

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Sid": "Stmt1432040614000",

            "Effect": "Allow",

            "Action": [

                "ec2:AuthorizeSecurityGroupEgress",

                "ec2:AuthorizeSecurityGroupIngress",

                "ec2:CreateKeyPair",

                "ec2:CreateSecurityGroup",

                "ec2:CreateTags",

                "ec2:DeleteSecurityGroup",

                "ec2:DescribeAccountAttributes",

                "ec2:DescribeImages",

                "ec2:DescribeInstances",

                "ec2:DescribeInstanceStatus",

                "ec2:DescribeKeyPairs",

                "ec2:DescribeSecurityGroups",

                "ec2:DescribeSubnets",

                "ec2:DescribeTags",

                "ec2:DescribeVpcs",

                "ec2:RunInstances",

                "ec2:StartInstances",

                "ec2:StopInstances",

                "ec2:TerminateInstances"

            ],

            "Resource": [

                "*"

            ]

        },

        {

            "Sid": "Stmt1458161720000",

            "Effect": "Allow",

            "Action": [

                "iam:CreateAccessKey",

                "iam:CreateInstanceProfile",

                "iam:DeleteAccessKey",

                "iam:ListAccessKeys",

                "iam:ListInstanceProfiles",

                "iam:ListInstanceProfilesForRole",

                "iam:ListRolePolicies",

                "iam:ListRoles",

                "iam:PassRole"

            ],

            "Resource": [

                "*"

            ]

        },

      {

            "Sid": "Stmt1458161780000",

            "Effect": "Allow",

            "Action": [

                "aws-marketplace:Subscribe",

                "aws-marketplace:ViewSubscriptions"

            ],

            "Resource": [

                "*"

            ]

        }

    ]

}