About IAM
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
SoftNAS recommends use of an Identity and Access Management (IAM) when creating your SoftNAS instance. You will need to create both an IAM Policy and IAM Role for use with your SoftNAS instance.
Creating the IAM Policy for SoftNAS®
To create an IAM Policy for use with SoftNAS you will need to use the AWS IAM Console at https://console.aws.amazon.com/iam/home#/home or search for IAM in the AWS services from the AWS Console home.
...
4. Copy the JSON text shown under IAM Role Policy below, and paste it into the AWS JSON editor and then click “Review policy” at the bottom of the page.
IAM Role Policy
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1444200186000", "Effect": "Allow", "Action": [ "ec2:ModifyInstanceAttribute", "ec2:DescribeInstances", "ec2:CreateVolume", "ec2:DeleteVolume", "ec2:CreateSnapshot", "ec2:DeleteSnapshot", "ec2:CreateTags", "ec2:DeleteTags", "ec2:AttachVolume", "ec2:DetachVolume", "ec2:DescribeInstances", "ec2:DescribeVolumes", "ec2:DescribeSnapshots", "aws-marketplace:MeterUsage", "ec2:DescribeRouteTables", "ec2:DescribeAddresses", "ec2:DescribeTags", "ec2:DescribeInstances", "ec2:ModifyNetworkInterfaceAttribute", "ec2:ReplaceRoute", "ec2:CreateRoute", "ec2:DeleteRoute", "ec2:AssociateAddress", "ec2:DisassociateAddress", "s3:CreateBucket", "s3:Delete*", "s3:Get*", "s3:List*", "s3:Put*" ], "Resource": [ "*" ] } ] } |
|---|
...
Note: The IAM Policy name created should be SoftNAS_HA_IAM.
6. Your IAM Policy for use with SoftNAS should now be created.
Creating an IAM Role for use with SoftNAS
To create an IAM Role for use with SoftNAS and a previously created IAM Policy, you will need to use the AWS IAM Console at https://console.aws.amazon.com/iam/home#/home or search for IAM in the AWS services from the AWS Console home.
...