Understand the IAM policy configuration
If you encounter failures when deploying the Bitnami LAMP Production-Ready Stack solution using IAM account credentials, ensure that the IAM account supports the following IAM policies:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"acm:DeleteCertificate",
"acm:DescribeCertificate",
"acm:ExportCertificate",
"acm:GetCertificate",
"acm:ImportCertificate",
"acm:ListCertificates",
"acm:ListTagsForCertificate",
"acm:RenewCertificate",
"acm:RequestCertificate",
"acm:ResendValidationEmail",
"acm:UpdateCertificateOptions",
"autoscaling:*",
"aws-marketplace:ListBuilds",
"aws-marketplace:StartBuild",
"aws-marketplace:Subscribe",
"aws-marketplace:Unsubscribe",
"aws-marketplace:ViewSubscriptions",
"cloudformation:*",
"ec2:*",
"elasticache:*",
"elasticloadbalancing:*",
"iam:*",
"lambda:CreateFunction",
"logs:*",
"rds:*",
"route53:*",
"s3:CreateBucket",
"SNS:ConfirmSubscription",
"SNS:CreateTopic",
"SNS:DeleteTopic",
"SNS:GetTopicAttributes",
"SNS:ListTopics",
"SNS:Subscribe",
"SNS:Unsubscribe",
"sts:GetFederationToken"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"autoscaling:CreateAutoScalingGroup",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:DeletePolicy",
"autoscaling:PutScalingPolicy"
],
"Resource": [
"arn:aws:autoscaling:*:*:autoScalingGroup:*:autoScalingGroupName/*",
"arn:aws:autoscaling:*:*:launchConfiguration:*:launchConfigurationName/*"
]
}
]
}
Refer to the AWS IAM documentation for more information on creating and attaching policies to an IAM user account.