AWS IAM and Elastic Beanstalk: Difference between revisions
(Created page with "Category:AWS Category:Web Development When an Elastic Beanstalk application is created through the AWS Management Console, and IAM profile is created specifically for...") |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Category:AWS]] [[Category:Web Development]] | [[Category:AWS]] [[Category:Web Development]] | ||
== Goal == | |||
When an Elastic Beanstalk application is created through the AWS Management Console, | Create a user account with appropriate permissions to manage AWS Elastic Beanstalk applications. | ||
<p class="alert alert-warning">I was working off this page during my first attempt to install a Django app on AWS. I think there was maybe more information there than I necessarily needed to follow. Specifically after the instruction to run `eb init`, it says that you will be prompted for an IAM user account. This was not the case.</p> | |||
== Creating a IAM user/role appropriate for Elastic Beanstalk == | |||
When an Elastic Beanstalk application is created through the AWS Management Console, an IAM profile is created specifically for the application. This role can be reused for other EB apps. | |||
Similarly, if a sample application is created ('''[https://us-west-2.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-2#/applications Elastic Beanstalk Applications]''' > '''Create New Application'''), either a new IAM role is created for the app, or any IAM roles created for previous Elastic Beanstalk applications can be reused for new applications. | Similarly, if a sample application is created ('''[https://us-west-2.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-2#/applications Elastic Beanstalk Applications]''' > '''Create New Application'''), either a new IAM role is created for the app, or any IAM roles created for previous Elastic Beanstalk applications can be reused for new applications. | ||
| Line 7: | Line 14: | ||
While creating the Elastic Beanstalk application, at the '''Permissions''' stage | While creating the Elastic Beanstalk application, at the '''Permissions''' stage | ||
* '''Instance profile:''' `aws-elasticbeanstalk-ec2-role | * '''Instance profile:''' `aws-elasticbeanstalk-ec2-role` | ||
* '''Service role:''' `aws-elasticbeanstalk-service-role` or `Create a new service role` | * '''Service role:''' `aws-elasticbeanstalk-service-role` or `Create a new service role` | ||
Latest revision as of 12:35, 20 March 2018
Goal[edit]
Create a user account with appropriate permissions to manage AWS Elastic Beanstalk applications.
I was working off this page during my first attempt to install a Django app on AWS. I think there was maybe more information there than I necessarily needed to follow. Specifically after the instruction to run eb init, it says that you will be prompted for an IAM user account. This was not the case.
Creating a IAM user/role appropriate for Elastic Beanstalk[edit]
When an Elastic Beanstalk application is created through the AWS Management Console, an IAM profile is created specifically for the application. This role can be reused for other EB apps.
Similarly, if a sample application is created (Elastic Beanstalk Applications > Create New Application), either a new IAM role is created for the app, or any IAM roles created for previous Elastic Beanstalk applications can be reused for new applications.
While creating the Elastic Beanstalk application, at the Permissions stage
- Instance profile:
aws-elasticbeanstalk-ec2-role - Service role:
aws-elasticbeanstalk-service-roleorCreate a new service role
If Create a new service role is selected on the next page, the role name is specified on the next page.
Notes[edit]
See also[edit]
- IAM Business Use Cases - AWS Identity and Management User Guide
- Using Elastic Beanstalk with AWS Identity and Access Management - AWS Elastic Beanstalk Developer Guide, API Version 2010-12-01