Setting up an IAM role for the Cloud Manager instance

You can grant AWS permissions to Cloud Manager by associating an IAM role with the Cloud Manager instance when you launch it in AWS. Before you launch the instance, you must create an IAM policy and attach it to an IAM role.

About this task

You cannot associate an IAM role with an already running instance of Cloud Manager.

Steps

  1. Download the Cloud Manager IAM policy from the following location:
  2. From the IAM console, create your own policy by copying and pasting the text from the Cloud Manager IAM policy.
  3. Create an IAM role with the role type Amazon EC2 and attach the policy that you created in the previous step.

Result

You now have an IAM role that you can associate with the Cloud Manager instance when you launch it in AWS.

After you finish

When you launch the Cloud Manager instance in a standard AWS region, you must choose Custom Launch to launch the instance from the EC2 console. Launching from the EC2 console enables you to associate the IAM role with the Cloud Manager instance.
Note: Launching from the EC2 console is the only option when launching the Cloud Manager instance in the GovCloud (US) region.