AWS IAM User Guide for Cohesive Networks Support. Creating an Amazon Identity and Access Management User with "read only" policy

AWS IAM User Guide for Cohesive Networks Support: Creating an Amazon Identity and Access Management User with "read only" policy (2016)

Table of Contents
- Access the AWS IAM Service via AWS Portal
- Create User
- Attach Read-only Policy
- Provide Information to Cohesive
- After the support interaction is complete

Access the AWS "IAM" Service

Log into AWS Portal and choose "IAM"
Log into the AWS account that you need support for. Select the "Services" menu at the top of the AWS Portal page. Select "IAM" from the alphabetized list of services.

Create User

Go to Users section of IAM from Dashboard
After selecting "IAM" you will be taken to the IAM Dashboard page. Select the "Users" menu item on the left of the Dashboard page.

Select "Create New Users" option
After selecting "Users" you will be taken to the IAM Users page. Select the "Create New Users" menu item on the top of the Users page.

Create a new user for Cohesive Support
After selecting "Create New Users" you will be taken to the Create Users page. Enter a descriptive username for the account to be used by Cohesive Networks support staff. In this case we have called it "vns3ms_automation" (for VNS3 Management System automation). Make sure you select "Generate an access key for each user". This user will have only an API access key. It will not have certificates or a password. Choose the "Create" button at the bottom of the page.

Copy the credentials to provide to Cohesive Networks
After selecting "Create" on the Create User page you will be taken to a page providing the status of the operation. If successful, an API Access Key ID and Secret Access Key will have been generated and displayed on the screen. Copy the credentials to provide to Cohesive Networks Support. The page also prompts you to download the credentials. This is your decision; Cohesive recommends that you do not. However, the Secret Access Key will never be available again.

Attach the read-only policy to IAM user

Select newly created user to attach policy
On the Users page you will see the newly created user. There is no menu action for the next step. Clicking the user (in this case vns3ms_automation) will take you to a detail page for the user.

On the User detail page select "Attach Policy"
On the user detail page, select the "Attach Policy" button. Also note that the value for "Has Password" should be "No". The user should also NOT be in any groups, because group membership could inadvertently give it upgraded permissions.

On the Attach Policy page filter for the desired policy
On the Attach Policy page you will initially be provided with a large list of possible policies to attach to the support user. In order to prevent error, use the Filter / Search box in the top section of the page. Filter for "EC2Read".

Select the AmazonEC2ReadOnlyAccess policy
After typing in the filter "EC2Read" you should see the AmazonEC2ReadOnlyAccess policy. Even if you see other policies (Amazon may in future add similarly named ones that match this filter), do not select any other policies. Check the "tick box" next to the policy name, then click the "Attach Policy" button at the bottom of the page. You will be taken back to the detail page for the user. The new IAM user should now be available for use by the Cohesive diagnostics system via the Access credentials.

User detail page now shows the attached policy
After selecting "Attach Policy" on the previous page, you will be returned to the user detail page. It will show the attached policy and the ability to remove it in future. NOTE: The page should still show that this user has no password, and is part of no groups (a notation of "0").

Further down the User detail page are Security Credentials
Scrolling towards the bottom of the User detail page you will see the Security Credentials section. You will see the Access Key ID; however, the Secret Access Key is no longer available unless you copied and pasted it, or downloaded it, when it was provided. You will see the Access credentials are "Active" in green text. You will also see a blue "link" with the text "Make Inactive" - do not use this (yet).

Provide needed information to Cohesive Networks

Information for Cohesive Networks
To recap, provide the following information and access to Cohesive Networks:
- Provide the IAM user Access Key ID and Secret Access Key. You do not need to provide the username of the IAM account you created.
- Provide the AWS 12 digit account ID for the VPC and VNS3 Controller(s) involved in your support issue.
- Provide the VPC ID for the VPC(s) involved in your support issue.
- Ensure that port 8000 is open to the Public IP designated by Cohesive Support as the source address of the diagnostic system being used. This may be different than the standard Cohesive Support IP of 54.236.197.84/32.

After the Support interaction is complete

Make Access credentials inactive (or delete user account)
After the support incident is complete you can delete the user account. However, this will require a complete repeat of this IAM setup in the future. Alternatively, you can make the Access credentials "Inactive" by clicking on the associated blue link/text. You can also delete the credential, then create a new one for this IAM user for future support incidents. Whether you delete the IAM account, deactivate the credential or delete the credential should be chosen based on your organization's policies.
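The state this guide asks for (only AmazonEC2ReadOnlyAccess attached, no password, no groups, and the access key made inactive once support ends) can be checked mechanically. The following is an added example, not part of the original guide or Cohesive Networks tooling; the function name, the "HasPassword" field, the inline-policy check and the sample data are assumptions made for illustration.

```python
# Added example, not Cohesive Networks code. The input dict mirrors the shapes of
# the IAM responses ListAttachedUserPolicies, ListUserPolicies, ListGroupsForUser
# and ListAccessKeys; "HasPassword" is a hypothetical field (True when
# GetLoginProfile succeeds for the user).
ALLOWED_POLICY_ARN = "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"

def audit_support_user(state, support_complete=False):
    """Return a list of findings; an empty list means the user matches the guide."""
    findings = []
    attached = {p["PolicyArn"] for p in state.get("AttachedPolicies", [])}
    if ALLOWED_POLICY_ARN not in attached:
        findings.append("AmazonEC2ReadOnlyAccess is not attached")
    for arn in sorted(attached - {ALLOWED_POLICY_ARN}):
        findings.append(f"unexpected managed policy: {arn}")
    for name in state.get("PolicyNames", []):  # inline policies (check added here)
        findings.append(f"unexpected inline policy: {name}")
    for group in state.get("Groups", []):
        findings.append(f"user is in group: {group['GroupName']}")
    if state.get("HasPassword"):
        findings.append("user has a console password")
    active = [k["AccessKeyId"] for k in state.get("AccessKeyMetadata", [])
              if k["Status"] == "Active"]
    if support_complete:
        # After the support interaction no key should remain usable.
        findings += [f"access key still Active: {kid}" for kid in active]
    elif len(active) != 1:  # assumption: the single key created in the guide
        findings.append(f"expected one Active access key, found {len(active)}")
    return findings

# Constructed sample data; the key ID is a placeholder, not a real credential.
GOOD = {
    "AttachedPolicies": [{"PolicyName": "AmazonEC2ReadOnlyAccess",
                          "PolicyArn": ALLOWED_POLICY_ARN}],
    "PolicyNames": [],
    "Groups": [],
    "HasPassword": False,
    "AccessKeyMetadata": [{"AccessKeyId": "AKIAIOSFODNN7EXAMPLE", "Status": "Active"}],
}
DRIFTED = {**GOOD,
           "AttachedPolicies": GOOD["AttachedPolicies"] + [
               {"PolicyName": "AmazonEC2FullAccess",
                "PolicyArn": "arn:aws:iam::aws:policy/AmazonEC2FullAccess"}],
           "Groups": [{"GroupName": "Admins"}],
           "HasPassword": True}

if __name__ == "__main__":
    for label, state in (("good", GOOD), ("drifted", DRIFTED)):
        print(label, audit_support_user(state))
```

Run it with support_complete=True after the incident is closed to confirm the key was made inactive or deleted.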

What if I don't want to provide Cohesive access?
The most effective way for Cohesive Networks to help debug the complexity of VPCs, security groups, network ACLs, subnets, route tables, Internet gateways, etc. is to have access (read only) to the VPC information. If you do not want to provide this access, Cohesive staff can work remotely in a live session with you, via Webex or other screen sharing technology. There will, however, be an hourly charge double the then published hourly rate (or part thereof) for support services. If you do not have Enhanced Support with the Quick Support (24x7 production outage) option, and it is outside standard support hours, this can be quite expensive. We are quite willing to work either way. After supporting almost 1 billion device hours of cloud networking to date, we have a great understanding of how best to debug and discover complex cloud interaction issues.