Skip to content
  • ZipCode Api
  • Blog
  • About RedLine13
RedLine13
Primary Navigation Menu
Menu
  • Start Testing
  • Demo
  • Pricing
  • Docs
    • Knowledge Base
    • AWS IAM Setup Instructions
    • Running a RedLine13 Load Test with Advanced Options
    • Scalability
    • Writing Open Load Tests in Your Language
    • Jenkins Plugin Setup
    • AWS Approval for Large Tests
    • Pro Features
  • JMeter
  • Partners

Update: EC2 Privileges & Permissions

By: RedLine13

A user recently reached out to us and asked:

We have some feedback regarding the ability to shutdown any instance in AWS. We perceive the “Show All Servers” with the ability to shut them down as a dangerous option. People who normally do not have access to terminate EC2 instances all of the sudden gain those privileges once they are given access to RedLine13. Someone could by mistake terminate an important instance. It is possible to remove this ability?

Based on this feedback we have provided an update so users can now fine tune the permission to only grant access to RedLine13 tagged instances. We previously never required this permission, but have updated our documentation to more clearly outline why we use certain permissions:

  • iam:SimulatePrincipalPolicy
    • used to test a policy for permissions
  • ec2:CreateTags
    • allows our tags and you to create custom tags on agents
  • ec2:DescribeInstances
    • required to know the data on the instances we launched
  • ec2:DescribeSpotInstanceRequests
    • required to know the data on the instances launched
  • ec2:RequestSpotInstances
    • used to run tests on spot instances
  • ec2:RunInstances
    • used to run tests with on-demand instances
  • ec2:StartInstances
    • used to start instances for load agents as load agents
  • ec2:DescribeSubnets
    • used to show list of subnets in a drop down
  • ec2:DescribeSecurityGroups
    • used to show your list of security groups when creating a test
  • ec2:StopInstances
    • used to stop instances
  • ec2:TerminateInstances
    • used to terminate instances from the UI or automated if we find unresponsive RedLine13 load agents

Improving Fine Grain Controls

We have updated our security policy to be fine grained for terminating instances. The updated policy will only require these permissions on EC2 instances which are tagged by RedLine13.

See full – IAM Setup Instructions

},
    {
      "Action": [
        "ec2:StopInstances",
        "ec2:TerminateInstances"
      ],
      "Effect": "Allow",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "ec2:ResourceTag/redline": "T"
        }
      }
    }

 

2016-10-13
Previous Post: Webinar: Performance Testing a Healthcare Application with HL7 & JMeter
Next Post: Using Amazon EFS to Make Load Testing Faster & Cheaper

Recent Posts

  • Use Cases for the JMeter Dashboard Report
  • AWS Costs for Large JMeter Load Tests Run by Real Customers
  • AWS Multiple Account Setup for Load Testing – Securing your Application Environment
  • Merge Results for Data Analysis
  • Debug your JMeter Test with Output Files

Related

  • SAML SSO
  • E-Learning Companies and Load Testing
  • AWS Multiple Account Setup for Load Testing – Securing your Application Environment
  • AWS Costs for Large JMeter Load Tests Run by Real Customers
  • Why BlazeMeter Customers Chose RedLine13
  • Is BlazeMeter Scared Of RedLine13?
  • RedLine13 Customer HBO Latin America Speaks at Customer Advisory Board Meeting
  • ThinkLogic and High Volume Tests on RedLine13
  • Why ACT Moved from BlazeMeter – Highlights from the RedLine13 Customer Advisory Board Meeting
  • University of California Wanted a LoadRunner Alternative

© RedLine13, LLC | Privacy Policy | Contract
Contact Us: info@redline13.com