Overview
To be able to start a Live Optics AWS collection, you need to enter an Access Key ID and a Secret Access Key as credentials. Live Optics recommends that you create a temporary IAM User account that is used solely for the purposes of the Live Optics collection. This document will help you understand what an Access Key and its components is, the Access Key ID, and the Secret Access Key, and how to create them with the correct privileges to run a Live Optics Collection.
Creating an AWS Temporary IAM User
Step 1: Access your AWS Management Console, then under Security, Identity & Compliance click on IAM
Step 2: From the IAM dashboard, click on User.
Step 3: Then Click on Add User
Step 4: First, choose a Username (1) , then choose the Programmatic access option (2), then click on Next Permissions (3)
Step 5: Choose Attach existing policies directory (1), then click on Create policy (2)
Step 6: A new tab will pop-up with the Create policy view, Choose the JSON option (1), then copy paste the content of the below JSON , after that click on Review Policy (2). AWS_Policy file is attached at the bottom of the article.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "autoscaling:DescribeAutoScalingGroups",
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"cloudwatch:GetMetricData",
"cloudwatch:ListMetrics"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeRegions",
"ec2:DescribeVolumes",
"ec2:DescribeInstanceTypes",
"ec2:DescribeSnapshots"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": "elasticfilesystem:DescribeFileSystems",
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor4",
"Effect": "Allow",
"Action": [
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:DescribeTargetGroups"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor5",
"Effect": "Allow",
"Action": [
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeInstanceHealth"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor6",
"Effect": "Allow",
"Action": "glacier:ListVaults",
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor7",
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances",
"rds:DescribeDBClusters"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
},
{
"Sid": "VisualEditor8",
"Effect": "Allow",
"Action": [
"s3:GetEncryptionConfiguration",
"s3:GetLifecycleConfiguration",
"s3:GetBucketWebsite",
"s3:ListAllMyBuckets",
"s3:GetBucketVersioning",
"s3:GetBucketLocation"
],
"Resource": "*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "0.0.0.0/0"
}
}
}
]
}
Step 7: Type a Policy name in the Name field (1), then click on Create policy (2), you will then get a screen stating that your policy has been created
Step 8: Navigate back to , Refresh the page to reflect the newly created policy, Type the name of the policy in the search box, select the policy you just created (1), then click on Next Tags (2)
Step 9: Add a Key name (1), then click on Next Review (2)
Step 10: After Reviewing, Click on Create User.
Step11: Please note that this will be the only time that you will be able to see your Access Key ID and Secret access key, you must either Download CVS (1) or Save your credentials (2).
Step 12: Once you get the Access key ID and Secret access key, you will be able to use them as credentials to start a Live Optics AWS collection.
You are now ready to begin your Live Optics collection.