Set up an identity access management (IAM) role for an Amazon Elastic Compute Cloud (EC2) instance

Views:

To begin setting up the image builder and creating an Amazon Elastic Compute Cloud (EC2) instance, follow these steps:

Procedure

Go to IAM → Roles.
Create a new role.
Select EC2 as the Trusted entity type.
Add the following permission policies to the role:
- AmazonSSMFullAccess
- AmazonSSMManagedInstanceCore
- EC2InstanceProfileForImageBuilder
Name the role.
Finish creating the role.

Edit the role to add the following inline policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ssm:PutParameter",
                "ssm:LabelParameterVersion",
                "ssm:DeleteParameter",
                "ssm:UnlabelParameterVersion",
                "ssm:DescribeParameters",
                "ssm:GetParameterHistory",
                "ssm:DescribeDocumentParameters",
                "ssm:GetParametersByPath",
                "ssm:GetParameters",
                "ssm:GetParameter",
                "ssm:DeleteParameters",
                "s3:get*",
                "s3:List*",
                "imagebuilder:GetComponent"
            ],
            "Resource": "*"
        }
    ]
}

What to do next

Create a recipe with a Trend Vision One Endpoint Security agent component.