使用 AWS 控制台创建 IAM 资源
| Redis 云 | 
|---|
要使用 AWS 控制台手动创建 IAM 资源,请执行以下步骤。
步骤 1:创建 IAM 实例策略
首先,创建一个用于新实例角色的策略:
- 
在 AWS IAM 控制台中,转到 Policies (策略) > Create policy (创建策略)。 
- 
在 JSON 选项卡中,粘贴 RedisLabsInstanceRolePolicy.json 策略文件的内容,如下所示: 
- 
Validate it and then select Review Policy. 
- 
Enter RedisLabsInstanceRolePolicy as the policy name and then select Create Policy. 
Step 2: Create the service role
To create the role that uses the policy:
- In the AWS IAM console, go to Roles and click Create Role.
- Select AWS Service as the trusted entity, EC2 as the service
and use case, and click Next: Permissions.
- Enter RedisLabsInstanceRolePolicyin the search box to look up the policy we just created,
select it, and click Next: Review.
- Name the role redislabs-cluster-node-roleand click Create Role.
Step 3: Create the user policy
Now create a policy to assign to the user:
- 
In the AWS IAM console, go to Policies > Create policy. 
- 
In the JSON tab, paste the contents of the RedisLabsIAMUserRestrictedPolicy.json policy file. 
- 
Validate the policy and click Review Policy. 
- 
Enter RedislabsIAMUserRestrictedPolicyas the policy name and click Create Policy.
 
Step 4: Create the programmatic access user
Create a user and attach the policy you created:
- In the AWS IAM console, go to Users > select Add user.
- Name it redislabs-userand check only the Programmatic access checkbox.
- Click Next: Permissions.
- Select Attach existing policies directly and select
RedislabsIAMUserRestrictedPolicy from the list.
- Click Next: Review.
- Click Create user.
- Download the user credentials and store them in a secure location.
Step 5: Create the console access role
Last, create a role and attach the policy you created:
- In the AWS IAM console, go to Roles > select Create role.
- Select Another AWS account.
- Under Account ID, enter account number 168085023892(Redis Cloud's AWS account).
- Under Options, check the Require MFA checkbox only. Do not check Require external ID.
- Click Next: Permissions.
- Attach the policy RedisLabsIAMUserRestrictedPolicy to the role.
- Click Next: Review.
- Name the role redislabs-roleand then click Create role.
    
    
  
    
      
      
      
        On this page