Table of Contents Previous Next


3 Accessing the Ark Console : 3.1 Using Self-Registration on an Amazon Hosted Console

As part of the registration process for the Ark console, you must create an Amazon IAM role and perform a handshake between the Ark console and the Amazon management console. The handshake associates the external ID provided by the Ark console with the Amazon role, and the Role Arn provided by the Amazon console with the Ark user.
Please note that each time you refresh the Ark New User dialog, the external ID displayed on the registration dialog will change; you must have access to both the Ark console and the Amazon management console while registering an Ark user.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\fbab55b0\Screen Shot 2017-01-11 at 1.19.14 AM.png
Navigate to the Roles dashboard, and click the Create New Role button.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\6d17e56c\Screen Shot 2017-01-11 at 1.19.58 AM.png
When the Set Role Name dialog opens (shown in Figure 3.5), specify a name for the new role and click Next Step to specify a role type.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\e93d7cf7\Screen Shot 2017-01-05 at 4.21.31 PM.png
On the Select Role Type dialog, select the AWS Service Roles radio button (shown in Figure 3.6), and then the Select button to the right of Amazon EC2 to continue to the Attach Policy dialog.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\e9377ce9\Screen Shot 2017-01-05 at 4.22.29 PM.png
When the Attach Policy dialog (shown in Figure 3.7) opens, do not specify a policy; instead, click Next Step to continue to the Review dialog.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\2063799e\Screen Shot 2017-01-11 at 1.21.45 AM.png
When the Review dialog opens (as shown in Figure 3.8), review the information displayed, and then click Create Role to instruct the AWS management console to create the described role.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\7d96d40f\Screen Shot 2017-01-11 at 1.22.23 AM.png
The role will be displayed in the role list on the Amazon IAM Roles page (see Figure 3.9). The Summary tab will display a Role ARN, but the ARN will not be enabled until the security policy and trust policy are updated.
After completing the Create Role wizard, you must modify the inline policy and trust relationship (defined by the security policy) to allow Ark to use the role. Highlight the role name; then navigate to the Permissions tab and open the Inline Policies menu. Select click here to add a new policy (see Figure 3.10).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\e9be7df3\Screen Shot 2017-01-05 at 4.25.34 PM.png
When the Set Permissions dialog opens, select the Custom Policy radio button, and then click the Select button (see Figure 3.11).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\a4cae180\Screen Shot 2017-01-05 at 4.25.59 PM.png
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\7d1fd594\Screen Shot 2017-01-11 at 1.26.31 AM.png
Use the fields on the Set Permissions dialog (Figure 3.12) to define the security policy:
Copy the security policy text into the Policy Document field. The security policy required by Ark is available in Section 15, AWS Resources.
After providing security policy information, click Apply Policy to return to the Role information page. Then, select the Edit Trust Relationship button (located in the Trust Relationships section) to display the Policy Document (see Figure 3.13).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\7f94d220\Screen Shot 2017-01-11 at 1.33.11 AM.png
Replace the displayed content of the policy document with the content of the file available in Section 15, AWS Resources.
EDB-PPCD-CONSOLE is a placeholder within the trust policy. You must replace the placeholder with the External ID provided on the Step 2 tab of the Ark console New User Registration dialog.
To retrieve the External ID, open another browser window and navigate to the Log In page of your Ark console. Click the Register button to open the New User Registration dialog (shown in Figure 3.14).
Screen shot 2014-05-21 at 5
Enter user information in the User Details box located on the Step 1 tab:
Enter your first and last names in the First Name and Last Name fields.
Provide an email address in the Email field; please note that the email address is used as the Login identity for the user.
Use the drop-down listbox in the Cloud Provider field to select the host on which the cloud will reside.
When you've completed Step 1, click Next to access the Step 2 tab (see Figure 3.15).
The Step 2 tab of the New User Registration dialog will display a random External ID number. Copy the External ID from the Step 2 dialog into the trust policy, replacing EDB-PPCD-CONSOLE. Please note that you must enclose the External ID in double-quotes ("). Click the Update Trust Policy button to save your edits and exit the dialog.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\7f17d3a8\Screen Shot 2017-01-11 at 1.36.26 AM.png
Your Amazon IAM role ARN is displayed on the IAM Roles detail panel of the Amazon management console. Highlight a role name to display the assigned value on the Summary page. (as shown in Figure 3.16).
Screen shot 2014-07-22 at 3
Enter your Amazon IAM role ARN in the Role Arn field on the Step 2 dialog, and click Finish to complete the registration (see Figure 3.16). Select Cancel to exit without completing the registration.
After completing the registration, you can use the Login/Register dialog (shown in Figure 3.17) to access the Ark console.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\b3e8cde4\Screen Shot 2017-01-11 at 1.55.28 AM.png
Enter the registered email address in the Username field, and the associated password in the Password field, and click Log In to connect to the Ark console.

3 Accessing the Ark Console : 3.1 Using Self-Registration on an Amazon Hosted Console

Table of Contents Previous Next