Creating an access policy for use with CMM

When keys have been created, the user settings need to the edited as below to create an access policy for use with CMM:

  1. From the IAM Console, go to Policies.

  2. Click the Create Policy button.

    14 04

  3. Click the Select button for Policy Generator.

  4. Select Amazon EC2 in the AWS Service combo box and then enable the following options in the Actions combo box:

    • AssociateAddress

    • DescribeAddresses

    • DescribeInstanceStatus

    • DescribeInstances

    • DescribeRegions

    • DescribeTags

    • StartInstances

    • StopInstances

  5. Enter '*' into the Amazon Resource Name field. You should now see this:

    14 05

  6. Click the Add Statement button.

  7. Select Amazon Route 53 in the AWS Service combo box and then enable the following options in the Actions combo box:

    • ChangeResourceRecordSets

    • GetChange

    • ListHostedZones

    • ListResourceRecordSets

  8. Enter '*' into the Amazon Resource Name field.

  9. Click the Add Statement button.

  10. Select Amazon CloudWatch in the AWS Service combo box and then enable the following options in the Actions combo box:

    • GetMetricStatistics

  11. Enter '*' into the Amazon Resource Name field.

  12. Click the Add Statement button.

  13. Select AWS Identity and Access Management in the AWS Service combo box and then enable the following options in the Actions combo box:

    • ListAccessKeys

  14. Enter '*' into the Amazon Resource Name field.

  15. Click the Add Statement button.

  16. Click Next Step.

  17. Enter a Policy Name in the field provided. You may want to call it something like "CMM_Policy".

  18. Click the Create Policy button.

A video demonstration on how to create your access policy is available here.