Skip to content

AWS Configuration

The following page outlines how to enable AWS features through the AWS management console on CAS Manager. The first step is to create a policy that can be attached to a service account. This service account will assume the permissions of other roles. This will enable the user to manage the resources with the same permissions as the role that is being assumed.

For information on CAS Manager's cloud service account features and requirements, see:

Create a CAS Manager Policy in AWS

The following steps outline how to create the required AWS policy that you can attach to a AWS User to manage AWS resources:

  1. Go to the IAM Management page in the AWS management console.
  2. From the sidebar, click Policies.
  3. Click Create policy.
  4. For Service click EC2 from the list of services.
  5. Under Access level expand the List section and select DescribeInstances.
  6. Under Access level expand the Write section and ensure the following permissions are selected:
    • RebootInstances
    • StartInstances
    • StopInstances
    • TerminateInstances
  7. For Resources click All resources.
  8. Leave Request conditions blank and click Review policy.
  9. Give the newly created policy a name and click Create policy.

Create CAS Manager Service Account for AWS

This service account will have the ability to perform required actions in AWS. This will let the service account manage resources that the user has access to.

The following steps outline how to create the CAM service account:

  1. Go to the IAM Management page in the AWS management console.
  2. From the sidebar, click Users.
  3. Click Add user.
  4. Give the user a name and select Programmatic access as the Access type.
  5. Click Next: Permissions.
  6. Click Attach existing policies directly and search for the policy you created above that has EC2 permissions and select it. Optionally, you can add a tag to this role.
  7. Click Next:Review.
  8. Click Create user
  9. Copy the User name, Access key ID and Secret access key credentials and save them to a secure location.

Add the AWS Service Account to a CAS Manager Deployment

The next step requires you to add the AWS service account you have created from the previous steps in the AWS management console to CAS Manager. This service account will have the CAM policy created in the previous step.

The following steps outline how to add the information to CAS Manager:

  1. Log in to CAS Manager.
  2. Select the CAS Manager deployment ou want to add the AWS service account to.
  3. Click Edit Deployment.
  4. Click the Cloud service accounts tab and open the AWS container.
  5. Enter the User name, Access key ID and Secret access key values that you saved previously in the AWS form.
  6. Click Submit.

CAS Manager will have be able to manage AWS machines that get added to this deployment.