Creating the IAM service role for CodeDeploy

CodeDeploy permissions work with IAM at the individual application level. In order to provide sufficient permissions, we will create a new IAM service role with the following policy:

{ 
  "Version": "2012-10-17", 
  "Statement": [ 
    { 
      "Sid": "", 
      "Effect": "Allow", 
      "Principal": { 
        "Service": [ 
          "codedeploy.amazonaws.com" 
        ] 
      }, 
      "Action": "sts:AssumeRole" 
    } 
  ] 
}

We will create our new role that will be called CodeDeployServiceRole using the command-line interface, using the following command:

$ aws iam create-role 
      --role-name CodeDeployServiceRole 
      --assume-role-policy-document 
      http://bit.ly/2uCWY9V

We now need to attach the role policy to provide the proper permissions to the service role:

$ aws iam attach-role-policy 
      --role-name CodeDeployServiceRole 
      --policy-arn 
        arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole

Our IAM service role is now ready and we can finally start interacting with CodeDeploy web interface.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset