Versions Compared

Version Old Version 5 New Version 6
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

About IAM

Amazon Web Services (AWS ) Identity and Access Management (IAM) is a web service that enables AWS customers to manage users and user permissions in AWS. The service is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon RDS, and the AWS Management Console. With IAM, centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access.

Without IAM, organizations with multiple users and systems must either create multiple AWS accounts, each with its own billing and subscriptions to AWS products, or employees must all share the security credentials of a single AWS account. Also, without IAM, there is no control over the tasks a particular user or system can do and what AWS resources they might use.

IAM addresses this issue by enabling organizations to create multiple users (each user is a person, system, or application) who can use AWS products, each with individual security credentials, all controlled by and billed to a single AWS account. With IAM, each user is allowed to do only what they need to do as part of the user's jobenables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. 

SoftNAS recommends use of an Identity and Access Management (IAM) when creating your SoftNAS instance. You will need to create both an IAM Policy and IAM Role for use with your SoftNAS instance.


Creating the IAM Policy for SoftNAS Cloud®

To create an IAM Policy for use with SoftNAS Cloud you will need to use the AWS IAM Console at https://console.aws.amazon.com/iam/home#/home or search for IAM in the AWS services from the AWS Console home.

...


4.  Copy the JSON text shown under IAM Role Policy below, and paste it into the AWS JSON editor and then click “Review policy” at the bottom of the page.

IAM Role Policy


{

  "Version": "2012-10-17",

  "Statement": [

    {

      "Sid": "Stmt1444200186000",

      "Effect": "Allow",

      "Action": [

        "ec2:ModifyInstanceAttribute",

        "ec2:DescribeInstances",

        "ec2:CreateVolume",

        "ec2:DeleteVolume",

        "ec2:CreateSnapshot",

        "ec2:DeleteSnapshot",

        "ec2:CreateTags",

        "ec2:DeleteTags",

        "ec2:AttachVolume",

        "ec2:DetachVolume",

        "ec2:DescribeInstances",

        "ec2:DescribeVolumes",

        "ec2:DescribeSnapshots",
 

        "aws-marketplace:MeterUsage",


        "ec2:DescribeRouteTables",

        "ec2:DescribeAddresses",

        "ec2:DescribeTags",

        "ec2:DescribeInstances",

        "ec2:ModifyNetworkInterfaceAttribute",

        "ec2:ReplaceRoute",

        "ec2:CreateRoute",

        "ec2:DeleteRoute",

        "ec2:AssociateAddress",

        "ec2:DisassociateAddress",

 

        "s3:CreateBucket",

        "s3:Delete*",

        "s3:Get*",

        "s3:List*",

        "s3:Put*"

      ],

      "Resource": [

        "*"

      ]

    }

  ]

}

...

6. Your IAM Policy for use with SoftNAS should now be created.


Creating the IAM Role

To create an IAM Role for use with SoftNAS Cloud and a previously created IAM Policy, you will need to use the AWS IAM Console at https://console.aws.amazon.com/iam/home#/home or search for IAM in the AWS services from the AWS Console home.

...