aws-templateswordpress-production-ready

Understand the IAM policy configuration

If you encounter failures when deploying the Bitnami WordPress Production-Ready Stack solution using IAM account credentials, ensure that the IAM account supports the following IAM policies:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "acm:DeleteCertificate",
                "acm:DescribeCertificate",
                "acm:ExportCertificate",
                "acm:GetCertificate",
                "acm:ImportCertificate",
                "acm:ListCertificates",
                "acm:ListTagsForCertificate",
                "acm:RenewCertificate",
                "acm:RequestCertificate",
                "acm:ResendValidationEmail",
                "acm:UpdateCertificateOptions",
                "autoscaling:*",
                "aws-marketplace:ListBuilds",
                "aws-marketplace:StartBuild",
                "aws-marketplace:Subscribe",
                "aws-marketplace:Unsubscribe",
                "aws-marketplace:ViewSubscriptions",
                "cloudformation:*",
                "ec2:*",
                "elasticache:*",
                "elasticloadbalancing:*",
                "iam:*",
                "lambda:CreateFunction",
                "logs:*",
                "rds:*",
                "route53:*",
                "s3:CreateBucket",
                "SNS:ConfirmSubscription",
                "SNS:CreateTopic",
                "SNS:DeleteTopic",
                "SNS:GetTopicAttributes",
                "SNS:ListTopics",
                "SNS:Subscribe",
                "SNS:Unsubscribe",
                "sts:GetFederationToken"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "autoscaling:CreateAutoScalingGroup",
                "autoscaling:CreateLaunchConfiguration",
                "autoscaling:DeleteAutoScalingGroup",
                "autoscaling:DeleteLaunchConfiguration",
                "autoscaling:DeletePolicy",
                "autoscaling:PutScalingPolicy"
            ],
            "Resource": [
                "arn:aws:autoscaling:*:*:autoScalingGroup:*:autoScalingGroupName/*",
                "arn:aws:autoscaling:*:*:launchConfiguration:*:launchConfigurationName/*"
            ]
        }
    ]
}

Refer to the AWS IAM documentation for more information on creating and attaching policies to an IAM user account.

Last modification August 14, 2019