...
| Table of Contents | ||
|---|---|---|
|
Identify the permissions required in AWS
Before you configure AWS environment for Aquila Clouds platform, understand and identify all the permissions required by your organization for effectively monitoring and managing AWS resources.
Permissions for cost recommendations, alerts, utilization, Container and Application dashboard
This section lists the permissions that enable the cost recommendations, alerts and Container and Application dashboards in Aquila Clouds platform for your organization's AWS resources.ec2:DescribeSnapshots,ec2:DescribeVolumes,ec2:DescribeVolumeStatus,ec2:DescribeSnapshotAttribute,ec2:DescribeInstances,ec2:DescribeVolumeAttribute,ec2:DescribeInstanceStatus,ec2:DescribeTags,ecs:List*,ecs:Describe*,eks:List*,eks:Describe*,ec2:Describe*,elasticloadbalancing:Describe*,cloudwatch:ListMetrics,cloudwatch:GetMetricStatistics,cloudwatch:GetMetricData,cloudwatch:Describe*,autoscaling:Describe*,
Permissions for actions in the Recommendations dashboard and Action console
...
Comprehensive set of permissions for the entire set of features
This section lists comprehensive set of permissions for the entire set of features in the Aquila Clouds platform for your organization's AWS resources.{"Version": "2012-10-17","Statement": [{"Sid": "VisualEditor0","Effect": "Allow","Action": ["ec2:CopySnapshot","ec2:DescribeInstances","ec2:UnmonitorInstances","ec2:ModifyVolumeAttribute","ec2:MonitorInstances","ec2:CreateImage","ec2:ResetInstanceAttribute","ec2:CopyImage","ec2:DescribeSnapshots","ec2:ReportInstanceStatus","ec2:DeleteVolume","ec2:DescribeVolumeStatus","ec2:ModifySnapshotAttribute","ec2:StartInstances","ec2:CreatePlacementGroup","ec2:DescribeVolumes","ec2:ImportImage","ec2:DetachVolume","ec2:ModifyVolume","ec2:ResetImageAttribute","ec2:CreateTags","ec2:DescribeSnapshotAttribute","ec2:RegisterImage","ec2:ModifyInstanceEventStartTime","ec2:RunInstances","ec2:StopInstances","ec2:DescribeVolumeAttribute","ec2:CreateVolume","ec2:EnableVolumeIO","ec2:ModifyInstanceCapacityReservationAttributes","ec2:AttachVolume","ec2:ImportVolume","ec2:RequestSpotInstances","ec2:DeleteTags","ec2:RunScheduledInstances","ec2:RequestSpotFleet","ec2:ModifyImageAttribute","ec2:CreateSnapshot","ec2:ModifyInstanceAttribute","ec2:ModifyReservedInstances","ec2:DescribeInstanceStatus","ec2:RebootInstances","ec2:CreateInstanceExportTask","ec2:ModifyInstancePlacement","ec2:TerminateInstances","ec2:ImportInstance","ec2:DescribeTags","ec2:ResetSnapshotAttribute","ec2:ImportSnapshot","ec2:CreateLaunchTemplateVersion","ec2:CreateLaunchTemplate","ec2:ModifyInstanceCreditSpecification","ec2:AssociateIamInstanceProfile","ecs:List*","ecs:Describe*","eks:List*","eks:Describe*","ec2:Describe*","elasticloadbalancing:Describe*","cloudwatch:ListMetrics","cloudwatch:GetMetricStatistics","cloudwatch:GetMetricData","cloudwatch:Describe*","autoscaling:Describe*","ec2:DescribeInstances","ec2:StartInstances","ec2:StopInstances","rds:DescribeReservedDBInstances","rds:ListTagsForResource","rds:DescribeDBInstances","rds:DescribeDBParameters","pi:*","rds:DescribeDBClusters"],"Resource": "*"}]}
...
Define permissions for billing reports
Thi section lists the permissions that enable billing reports of your organization's AWS resources on the Aquila Clouds platform.
{
"Version": 2012-10-17,
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::BUCKET_NAME",
"arn:aws:s3:::BUCKET_NAME/*"
]
}
]
}
...