Create new IAM user using AWS console
https://console.aws.amazon.com/iam/home#users
Create new user awsdave
Download user credentials into file
Create roles and assign policy as described in AWS tutorial video
https://www.youtube.com/watch?v=qZa5JXmsWZs&list=LLl1AVDEQMsLIiTYI5M-v0ow&index=1
Create role CodeDeploy
Create role EC2CodeDeploy
Create new policies using AWS console
Required role policies samples are here https://github.com/andrewpuch/code_deploy_example/blob/master/IAM.txt
Create new custom policy CodeDeploy and
EC2CodeDeploy
EC2CodeDeploy
Create new roles using AWS console
https://console.aws.amazon.com/iam/home#rolesCreate roles and assign policy as described in AWS tutorial video
https://www.youtube.com/watch?v=qZa5JXmsWZs&list=LLl1AVDEQMsLIiTYI5M-v0ow&index=1
Create role CodeDeploy
Create role EC2CodeDeploy
Launch EC2 instance
Select EC2 instance IAM role EC2CodeDeploy
Policy CodeDeploy
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"autoscaling:PutLifecycleHook",
"autoscaling:DeleteLifecycleHook",
"autoscaling:RecordLifecycleActionHeartbeat",
"autoscaling:CompleteLifecycleAction",
"autoscaling:DescribeAutoscalingGroups",
"autoscaling:PutInstanceInStandby",
"autoscaling:PutInstanceInService",
"autoscaling:DescribeLifecycleHooks",
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
Trust Relationship
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": [
"codedeploy.us-east-1.amazonaws.com",
"codedeploy.us-west-2.amazonaws.com",
"codedeploy.ap-northeast-2.amazonaws.com",
"codedeploy.ap-southeast-2.amazonaws.com",
"codedeploy.ap-southeast-1.amazonaws.com",
"codedeploy.us-west-1.amazonaws.com",
"codedeploy.eu-west-1.amazonaws.com",
"codedeploy.ap-south-1.amazonaws.com",
"codedeploy.eu-central-1.amazonaws.com",
"codedeploy.ap-northeast-1.amazonaws.com",
"codedeploy.sa-east-1.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}