The instructions below describe how to set up authentication credentials for managing PKE clusters through Banzai Cloud Pipeline.

This list allows you to try all features of Banzai Cloud Pipeline. Banzai Cloud offers a more granular list of permissions for its customers that consists of the permissions that are required for the features the customer decides to use.


Create an AWS user 🔗︎

Log in to the AWS Management Console. Click Services and select IAM.

AWS Services

IAM service


Click Users, then click Add user.

IAM Users

IAM Add User


Enter User name and choose Programmatic access Access type.

IAM User name


Click Next: Permissions to set up permissions for this user:

Choose whether to add a user to a group, copy permissions from an existing user, or attach existing policies directly.

Note: Amazon recommends using groups to manage user permissions. IAM Create Group


Attach policies 🔗︎

Attach the following Managed policies to the group:

  • AmazonEC2FullAccess
  • IAMFullAccess
  • AWSPriceListServiceFullAccess
  • IAMUserChangePassword
  • AmazonVPCFullAccess
  • AmazonS3FullAccess — only necessary if the same credentials are going to be used for S3 bucket creation operations (e.g.: the creation of a new S3 bucket for centralized log collection)

Create the following Inline policy for the group by clicking on Create Group Policy. Select Custom Policy, then click Select. Provide a policy name (e.g. PKE) and specify the following Policy Document:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "cloudformation:*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

Click Apply Policy.

AWS Create Policy


Click Next: Review.

AWS User create review


Click Create user.

AWS Create User


Click Download.csv and save the user’s security credentials to your computer. Banzai Cloud Pipeline will ask for these credentials when creating an PKE cluster.

Then click Close to return to the Users page.