AWS IAM and Elastic Beanstalk
Goal[edit]
Create a user account with appropriate permissions to manage AWS Elastic Beanstalk applications.
I was working off this page during my first attempt to install a Django app on AWS. I think there was maybe more information there than I necessarily needed to follow. Specifically after the instruction to run eb init, it says that you will be prompted for an IAM user account. This was not the case.
Creating a IAM user/role appropriate for Elastic Beanstalk[edit]
When an Elastic Beanstalk application is created through the AWS Management Console, an IAM profile is created specifically for the application. This role can be reused for other EB apps.
Similarly, if a sample application is created (Elastic Beanstalk Applications > Create New Application), either a new IAM role is created for the app, or any IAM roles created for previous Elastic Beanstalk applications can be reused for new applications.
While creating the Elastic Beanstalk application, at the Permissions stage
- Instance profile:
aws-elasticbeanstalk-ec2-role - Service role:
aws-elasticbeanstalk-service-roleorCreate a new service role
If Create a new service role is selected on the next page, the role name is specified on the next page.
Notes[edit]
See also[edit]
- IAM Business Use Cases - AWS Identity and Management User Guide
- Using Elastic Beanstalk with AWS Identity and Access Management - AWS Elastic Beanstalk Developer Guide, API Version 2010-12-01