Creating an AWS User for Redise Cloud Private
Redise Cloud Private (RCP) automatically manages your cluster and provisions instances when needed. In order for RCP to be able to perform its duties, you must have an AWS account that is separate from your AWS application account, along with a user on that separate account.
Within that new AWS account you need to create a role and a user with a specific policy. The user requires both UI console access and an Access Key so that RCP can programmatically create and manage AWS resources on your behalf. After the user is created, generate an Access Key for the user. Save the keys in a secure location, as these keys are required when creating a Subscription.
For assistance with creating the user, please see the AWS documentation on the topic.
Create the Policy
First you need to create an IAM restricted policy as follow:
- In AWS IAM console go to “Policies” -> “Create policy” -> “Create your own policy“
- Name policy “RedislabsIAMUserRestrictedPolicy“
- Copy-Paste the below policies
- Replace “ACCOUNT-ID-WITHOUT-HYPHENS” with the AWS account ID that RCP will be using
- Validate it and press “Create Policy“
Create the Role
Now you need to create an IAM role for RCP to use:
- In AWS IAM console go to “Roles”
- Create new role and select role type “Amazon EC2” and do not attach any policy
- Press “Next step“
- Name the role “redislabs-cluster-node-role“
- Press “Create role“
- Select the new role you have just created from the list of roles
- Under the “Permissions” tab select “Inline Policies” and create a new inline policy by using the “click here” link
- Select “Custom Policy“
- Name the new policy “RedisLabsInstanceRolePolicy“
- Copy-Paste the below role
- Validate it and press “Apply Policy“.
Create the User
Last, you will have to create a user and attache the IAM policy you have created before:
- In AWS IAM console go to “Users” -> select “Add user“
- Name it “redislabs-user” and select both options : “Programmatic access“ and “AWS Management Console access“
- Set a password
- Press “Next: Permissions“
- Select “Attach existing policies directly” and select “RedislabsIAMUserRestrictedPolicy” from the list (the policy you
- previously created)
- Press “Next: Review“
- Press “Create user“
For more information, see the AWS documentation on creating users in Identity and Access management.