Create Policies

Login to console of your AWS account, access the IAM service as shown in picture below:

Once you are in IAM service administration click on Policies at the left menu

Then click on blue button labeled Create Policy

Select the type Create Your Own Policy by clicking on Select

In next screen you need to complete the fields with the Policy Name, Description and Policy Document then click on Validate Policy to check if everything is OK.

  • Consolidated Billing Account

Content of Policy Document:

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Stmt1466603831000",

"Effect": "Allow",

"Action": [

"s3:*"

],

"Resource": [

"*"

]

}

]

}

  • Backup Account

Content of Policy Document:

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Stmt1466603110000",

"Effect": "Allow",

"Action": [

"cloudwatch:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603427000",

"Effect": "Allow",

"Action": [

"rds:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603471000",

"Effect": "Allow",

"Action": [

"ec2:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466607793000",

"Effect": "Allow",

"Action": [

"elasticloadbalancing:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466607782000",

"Effect": "Allow",

"Action": [

"autoscaling:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1469082969000",

"Effect": "Allow",

"Action": [

"ecs:*"

],

"Resource": [

"arn:aws:ecs:::*"

]

},

{

"Sid": "Stmt1466603831000",

"Effect": "Allow",

"Action": [

"s3:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604108000",

"Effect": "Allow",

"Action": [

"sns:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604334000",

"Effect": "Allow",

"Action": [

"kms:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604520000",

"Effect": "Allow",

"Action": [

"iam:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603891000",

"Effect": "Allow",

"Action": [

"cloudtrail:GetTrailStatus",

"cloudtrail:DescribeTrails",

"cloudtrail:LookupEvents",

"cloudtrail:ListTags",

"cloudtrail:ListPublicKeys",

"cloudtrail:GetEventSelectors",

"lambda:ListFunctions"

],

"Resource": [

"*"

]

}

]

}

  • Normal Account

Content of Policy Document:

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Stmt1466603110000",

"Effect": "Allow",

"Action": [

"cloudwatch:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603427000",

"Effect": "Allow",

"Action": [

"rds:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603471000",

"Effect": "Allow",

"Action": [

"ec2:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466607793000",

"Effect": "Allow",

"Action": [

"elasticloadbalancing:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466607782000",

"Effect": "Allow",

"Action": [

"autoscaling:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1469082969000",

"Effect": "Allow",

"Action": [

"ecs:*"

],

"Resource": [

"arn:aws:ecs:::*"

]

},

{

"Sid": "Stmt1466603831000",

"Effect": "Allow",

"Action": [

"s3:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604108000",

"Effect": "Allow",

"Action": [

"sns:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604334000",

"Effect": "Allow",

"Action": [

"kms:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466604520000",

"Effect": "Allow",

"Action": [

"iam:*"

],

"Resource": [

"*"

]

},

{

"Sid": "Stmt1466603891000",

"Effect": "Allow",

"Action": [

"cloudtrail:GetTrailStatus",

"cloudtrail:DescribeTrails",

"cloudtrail:LookupEvents",

"cloudtrail:ListTags",

"cloudtrail:ListPublicKeys",

"cloudtrail:GetEventSelectors",

"lambda:ListFunctions"

],

"Resource": [

"*"

]

}

]

}

If you receive the message below, everything was good.

Then click on Create Policy

You will receive a successful message.

results matching ""

    No results matching ""