In order for the Broker to create, modify, and access resources within an Amazon Web Services (AWS) subscription, an IAM user with the appropriate administrative permissions must be created. The credentials are entered into the Broker plugin configuration.
This article describes the steps required to create an IAM user with programmatic administrative access to the AWS subscription and to record the following details, which are required to configure the account within the Broker:
- AWS Access Key ID
- AWS Secret Access Key
Prerequisites
- Administrative access to the AWS Console
Configuration Steps
- Log in to the AWS Console: https://console.aws.amazon.com
- Navigate to Services > Security, Identity & Compliance > IAM
- Navigate to Users
- Click the Add User button
- Enter the following information:
  - User name: A unique name for this user
  - Access type: Programmatic access
- Click the Next: Permissions button
- Select the Attach existing policies directly option
- Tick the AdministratorAccess policy
- Click the Next: Tags button
- Add tags and values as required
  Note: No specific tags are required for the Broker to function
- Click the Next: Review button
- Review the configuration parameters
- Click the Create User button
- Record the generated Access Key ID and Secret Access Key
  Note: The credentials are only available at this time - if credentials are not recorded, they cannot be retrieved and new credentials must be created
- Optionally, click the Download .csv button and store the csv file in a safe location
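The same steps can be scripted with the AWS CLI. The following is an added example, not part of the original article or the Broker product; it assumes the AWS CLI is installed and configured with administrative access, and the function names, the user name `broker-svc` and the output path are hypothetical.

```shell
#!/bin/sh
# Added example (not vendor code): AWS CLI equivalent of the console steps.
# Assumes the AWS CLI is installed and configured with administrative access.
# Set AWS="echo aws" to preview the commands without calling AWS.
AWS="${AWS:-aws}"
ADMIN_POLICY_ARN="arn:aws:iam::aws:policy/AdministratorAccess"

# IAM user names: 1-64 characters from letters, digits and + = , . @ _ -
valid_user_name() {
  case "$1" in
    ''|*[!A-Za-z0-9+=,.@_-]*) return 1 ;;
  esac
  [ "${#1}" -le 64 ]
}

# create_broker_user USER [OUTFILE]  (function name and default path are hypothetical)
create_broker_user() {
  user="$1"
  out="${2:-./broker-credentials.json}"
  if ! valid_user_name "$user"; then
    echo "invalid IAM user name: $user" >&2
    return 2
  fi
  # Refuse to overwrite an existing credentials file.
  if [ -e "$out" ]; then
    echo "refusing to overwrite $out" >&2
    return 3
  fi
  # Steps "Add User" and "Attach existing policies directly".
  $AWS iam create-user --user-name "$user" || return 1
  $AWS iam attach-user-policy --user-name "$user" \
    --policy-arn "$ADMIN_POLICY_ARN" || return 1
  # "Programmatic access": the secret key is returned once, so write it
  # straight to an owner-only file (mode 0600) instead of the terminal.
  ( umask 077
    $AWS iam create-access-key --user-name "$user" --output json > "$out"
  ) || return 1
  echo "AccessKeyId and SecretAccessKey saved to $out" >&2
}

# Example (constructed user name): create_broker_user broker-svc
```

The output file contains the `AccessKeyId` and `SecretAccessKey` values to enter into the Broker plugin configuration.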