Configure AWS access using IAM role for EC2
This method allows you to create an IAM role for C8 and assume it from another role.
Step 1: Create IAM Role for EC2
Please refer to the official AWS documentation about creating an AWS IAM role for the EC2
Step 2: Create IAM Role to assume by EC2 instance role.
Step 2.1: Download IAM Policy
Download the IAM policy that grants read permissions to all AWS resources:
Step 2.2: Create IAM Policy
Create the IAM policy:
Step 2.3: Create IAM Role
Create an IAM role that can be assumed by EC2 roles:
Name | Description |
---|---|
$account_id | The AWS account id from which you want to allow run discovery |
$ec2_role | The AWS role name from which you want to allow run discovery |
Create an IAM role with a defined trust relationship and description
Attach the sh-c8-discovery-policy policy to the sh-c8-discovery role
Note If you want to discover more AWS accounts, please repeat the 2nd step for each account.
PreviousConfigure AWS access for the discovery job using service account (AWS EKS)NextConfigure AWS access using access keys for IAM users
Last updated