How to Create the IAM Policy for AWS Cloud Auto Scaling

 

 

AutoscalingAWS Auto Scaling allows the user to automatically scale the Amazon EC2 compute resources up or down as per the defined conditions. The AWS Identification and Access Management allows the AWS user to create roles, users or groups for the organization. IAM is used to configure groups of users who will be allowed or denied access to specific AWS services. The user can provide or deny the access with a set of IAM policies.

The IAM Policy is used to grant access permission to a user, group or role based on the AWS resources specific rules. To give a particular IAM entity permission, the user needs to write a policy according to the access policy language that IAM uses and then attach the policy to the related AWS entity. In case of a group, the group users’ inherit the group policy. More than one policy can be attached to a group or a user.

The IAM Roles can also be used with Auto Scaling. Auto Scaling integrates with IAM so that the user can specify which Auto Scaling actions can be performed in the AWS Account with the Auto Scaling resources. Auto Scaling can be configured with IAM at a service level (e.g. create or delete launch configuration, create or update the Auto scaling group). However, it cannot be linked to a particular resource, such as a specific Auto Scaling group or instance.

Using IAM does not change how to scale or configure Auto Scaling. However, it changes who should do it.

The present guide demonstrates how to create an IAM policy for Auto Scaling. The policy will allow accessing or denying certain Auto Scaling services.

 

1. Create an IAM group and add an IAM user.

2. Go to the AWS IAM console and select the user or group for which the policy will be created. Click on “Attach Policy” from the permissions tab.

 

 

3. Select the Policy Generator to create a customized policy for Auto Scaling.

 

 

4. Specify the required policy in the Edit Permissions screen.

5. If the policy specifies that the user or group needs to have access to certain Auto Scaling services, select the “Allow” option and the services to give access to.

 

 

6. Review the selection and click on the “continue” button to confirm the selection.

 

 

7. The IAM shows the policy statement, which clearly states that this policy is to allow for the specified Auto Scaling services. Modify the policy if any changes are required and click on “Apply Policy”.

 

 

8. The policy will be created and assigned to the group / user.

 

 

9. The user can create multiple policies for the same user or group.

10. To create the deny policy for the Auto Scaling service, select the “deny” option in step#5 and the services to be denied.

 

 

11. The above mentioned step allows the user to define the IAM policy for Auto Scaling.

12. The admin is required to create separate user certificates or keys which will be required while configuring the Auto Scaling CLI.

 

Advertisements
Leave a comment

Leave your opinion

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: