This article assumes you are configuring ProsperOps access and have already specified your AWS management account in the ProsperOps Console.
- Open a new browser tab, navigate to the AWS Console, and login to the management account.
- Return to the ProsperOps Console and click the Setup IAM Role button.
- You will be taken to the Create IAM Role page in the AWS Console with various ProsperOps non-permission role details (e.g. role name, entity type, account ID, external ID) pre-populated. Click Next.
- We're going to add an Inline policy after we create the role, so just click Next.
- No tags are required although you may enter tags if you choose. Click Next.
- Enter the following Role description:
Used by ProsperOps - www.prosperops.com. Must remain in place for ProsperOps to function correctly. Email email@example.com for assistance.
- Click Create role.
- Click on the newly created ProsperOps role to open the Role Summary screen then click on Add inline policy.
- Return to the ProsperOps Console and click the copy icon in the upper right corner of the policy window to copy the IAM policy to your clipboard.
- Return to the AWS Console. Select the JSON tab, paste the IAM policy into the editor, then click Review policy.
- Enter the following policy Name:
- Click Create policy.
- A ProsperOps IAM role has now been created with the necessary least privilege policy permissions.
- Return to the ProsperOps Console and click Validate Access.
- Once access is validated, you are ready for a savings analysis!