question

Upvotes
Accepted
98 1 2 4

Minimal IAM Permissions for Launchpad

Launchpad for Data Fusion Community Edition requires AWS access keys. When creating access keys using IAM, what are the permissions that Launchpad requires? I know that the "AdministratorAccess" policy is sufficient, but is there a more minimal set of permissions that are recommended?

data-fusionaws
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

Upvotes
Accepted
116 1 0 2

Hi Andrew,

We use terraform.io to build the infrastructure in AWS - it does need to create, read, update, and delete these resources -

resource "aws_key_pair" "launchpad-provision"
resource "aws_instance" "master"
resource "aws_instance" "slave_1"
resource "aws_instance" "slave_2"
resource "aws_security_group" "datafusion-public"
resource "aws_security_group" "datafusion-private"
resource "aws_security_group" "datafusion-inter-private"
resource "aws_security_group" "datafusion-private-to-public"
resource "aws_vpc" "datafusion"
resource "aws_internet_gateway" "public"
resource "aws_subnet" "datafusion-public-subnet"
resource "aws_route_table" "public"
resource "aws_route_table_association" "public"
resource "aws_eip" "nat"
resource "aws_nat_gateway" "nat"

Terraform doesn't have a way to output a nice policy document, but this should get you started. Let me know if you come up with something or would like some help with it.

Thanks,
-Eric

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.