fourcodes-org / proof-of-concepts


55. Create the IAM role for APIGateway to access all the AWS resources #113

Closed four-codes closed 1 year ago

four-codes commented 1 year ago

Your apigateway role name should resemble "role-apigateway-januo-001-env-purpose".

fourtimes commented 1 year ago

Create the IAM role for APIGateway to access all the AWS resources using managed policy

  1. Go to the "IAM" resource.
  2. Under the resource, we have a "role" option.
  3. After that, click on the "create role" option. Then we have to select the identity type & use case for API Gateway.
  4. After clicking on the "Next" button, we have to enter the "Role Name" in the role-apigateway-ashli-001-dev-accessAllAwsResources format.
  5. Then, we have to click on the "create role" button.
  6. After creating the role, we have to add the Permissions for "AdministratorAccess".

OUTPUT:

Image

Image

four-codes commented 1 year ago

@fourtimes Show me the API GATEWAY POLICY JSON.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "apigateway:*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "*",
            "Resource": "*"
        }
    ]
}

four-codes commented 1 year ago

Do not use visual editor @fourtimes @rio-ke

four-codes commented 1 year ago

@fourtimes The JSON above represents a trusted relationship.

fourtimes commented 1 year ago

@januo-io Not sure how to find it.

four-codes commented 1 year ago

Select the role and you may find it in the JSON tab.

four-codes commented 1 year ago

All resources, like admin privileges, are significant

four-codes commented 1 year ago

In this case, we don't know how many resources are available today and tomorrow. We can provide the admin privileges; it should be fine.

fourtimes commented 1 year ago

Create the IAM role for APIGateway to access all the AWS resources using Custom Policy

  1. Go to the IAM resource.
  2. Under the IAM resource, click on the "Roles" option.
  3. Then, create the role using the API Gateway use case & without selecting any policies; the name of the role should be role-apigateway-ashli-001-dev-accessAllAwsResources.
  4. After creating the role, we have to open the created role.
  5. Go to the Permissions option, click on Add Permission & click on Attach Policies.
  6. Click on the create policy option.
  7. Click on the policy editor for JSON option.
  8. Create the custom policy for Administrator Access:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": "*",
                "Resource": "*"
            }
        ]
    }
  9. Click on the Next button, enter the policy name as policy-ashli-001-apigateway-adminaccess & create the policy using the create policy button.
  10. Go to the Roles menu.
  11. Click on the role-apigateway-ashli-001-dev-accessAllAwsResources.
  12. Go to the Permissions option, click on Add Permission & click on Attach Policies.
  13. Select the policy-ashli-001-apigateway-adminaccess policy & click on Add Permission.

OUTPUT:

image

four-codes commented 1 year ago

Why did you add the apiGateway Policy @fourtimes ?

@januo-io I didn't read the question properly. That's why I made a mistake.

four-codes commented 1 year ago

ApiGateway is a component of a source resource. Within a resource, it can be accessed to interact with anything, such as localhost.

four-codes commented 1 year ago

Awesome
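
Added example, not part of the original thread or the repository: a short Python check over the two policy documents posted above. It tells a role's trust policy (statements that name a `Principal`) apart from a permissions policy and reports `Allow` statements that pair a wildcard action with `"Resource": "*"`. The trust policy is a constructed sample of what a role created with the API Gateway use case carries, and the function names are hypothetical.

```python
import json

def _as_list(value):
    """IAM accepts a single string/object wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def policy_kind(doc):
    """Trust policies name a Principal; permissions policies name a Resource."""
    stmts = _as_list(doc.get("Statement"))
    return "trust" if any("Principal" in s for s in stmts) else "permissions"

def wildcard_findings(doc):
    """Return (statement index, severity, actions) for Allow on Resource '*'."""
    findings = []
    for i, stmt in enumerate(_as_list(doc.get("Statement"))):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource")):
            continue
        actions = _as_list(stmt.get("Action"))
        if "*" in actions:
            findings.append((i, "full-admin", actions))
        elif any(a.endswith(":*") for a in actions):
            findings.append((i, "service-wide", actions))
    return findings

# Permissions policy posted first in the thread (two statements).
FIRST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Effect": "Allow", "Action": ["apigateway:*"], "Resource": "*"},
   {"Effect": "Allow", "Action": "*", "Resource": "*"}]}
""")
# Custom policy from the second walkthrough.
CUSTOM_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
""")
# Constructed sample: trust policy letting API Gateway assume the role.
TRUST_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow",
                "Principal": {"Service": "apigateway.amazonaws.com"},
                "Action": "sts:AssumeRole"}]}
""")

if __name__ == "__main__":
    for name, doc in [("first", FIRST_POLICY), ("custom", CUSTOM_POLICY),
                      ("trust", TRUST_POLICY)]:
        print(name, policy_kind(doc), wildcard_findings(doc))
```

In the first policy the `apigateway:*` statement is already covered by the `"Action": "*"` statement that follows it, so both posted policies grant the same effective access.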