AWS Identify and Access Management (IAM) Setup Instructions

AWS Identify and Access Management (IAM) Setup Instructions

If you do not have an Amazon AWS account, you can sign up for one easily at http://aws.amazon.com/.  Signing up is free and you will only pay for the services that are used.  As an example, if you do a load test of 50,000 users for an hour the approximate cost is $2.00 and would be charged to your account on Amazon. There is no fee from RedLine.

Getting Starting With RedLine13

There are 2 ways to upload AWS credentials. The Cross Account Role method is the preferred method. The other option is the AWS Key/Secret version.

Below is a detailed video demonstrating how to link AWS with RedLine13 in addition to step-by-step guide’s.

Cross Account Role

Below are instructions for setting up IAM access for your account using Cross Account Roles.
Click here to enter your IAM information.

  1. Login to the AWS IAM console at https://console.aws.amazon.com/iam/home.
  2. Click the “Policies” link, then the “Create Policy” button.
  3. Select “Create Your Own Policy”, then enter a policy name (e.g. “RedlineAccess”) and this policy document text.
  4. Click the “Roles” link, then the “Create Role” button.
  5. Select the “Another AWS Account” option.
  6. Enter Account ID “635144173025” and the External ID listed on the RedLine13 account setup screen.
  7. On the next step, Select the policy that you created above.
  8. On the Review page, enter a Role Name (E.g. “RedlineAccess”), then click “Create Role”.
  9. Copy the Role ARN and enter into the RedLine13 form, then submit the form.
  10. AWS Key/Secret

    Below are instructions for setting up IAM access for your account using an AWS Key/Secret.
    Click here to enter your IAM keys.

    • Login to the AWS IAM console at https://console.aws.amazon.com/iam/home.
    • Click the “Create a New Group of Users” button.
    • Enter a Group Name (E.g. “RedlineAccess”), then click continue.
    • Select “Custom Policy”, then enter a policy name and this policy document text.
    • Add a user name (E.g. “redline”) and ensure that “Generate an access key for each User” is checked. Make sure to place this user in the newly created group.
    • Review and submit the form, then copy the AWS key and AWS secret.

    IAM Policy

    {
    	"Version": "2012-10-17",
    	"Statement": [
    		{
    			"Action": [
    				"iam:GetUser",
    				"iam:SimulatePrincipalPolicy",
                                    "iam:PassRole",
    				"ec2:CreateTags",
    				"ec2:DescribeInstances",
    				"ec2:DescribeSpotPriceHistory",
    				"ec2:DescribeSpotInstanceRequests",
    				"ec2:RequestSpotInstances",
    				"ec2:RunInstances",
    				"ec2:StartInstances",
    				
    				"ec2:DescribeAccountAttributes",
    				"ec2:DescribeSubnets",
    				"ec2:DescribeSecurityGroups"
    			],
    			"Effect": "Allow",
    			"Resource": [
    				"*"
    			]
    		},
    		{
    			"Action": [
    				"ec2:StopInstances",
    				"ec2:TerminateInstances"
    			],
    			"Effect": "Allow",
    			"Resource": "*",
    			"Condition": {
    				"StringEquals": {
    					"ec2:ResourceTag/redline": "T"
    				}
    			}
    		}
    	]
    }

    The iam:* actions are not required, but allow Redline to validate your policy. The actions following the skipped line are not essential, but recommended.  To read detailed explanations of the settings used please read here.