Get Postgres Tips and Tricks
Subscribe to get advanced Postgres how-tos.
Amazon IAM Role Trust Relationship¶
When you define an Amazon IAM role, you are required to provide a security policy and an updated trust relationship policy document. You can use the following trust relationship document:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
},
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::your_account_number:root"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:ExternalId": "EDB-ARK-SERVICE"
}
}
}
]
}
Previous topic
AWS IAM Role Permission Policy
Next topic
Amazon Service User Security Policy
Table Of Contents
- What’s New
- Supported Platforms
- Ark Architecture Overview
- Registering an Ark Cluster with PEM
- Ark Authentication Models
- Installing the Ark Console
- Administrative Features of the EDB Ark Console
- Using the Admin Tab
- Using the Ark DBA Tab
- Console Management
- Securing EDB Postgres Ark
- Creating a Statically Provisioned Image
- EDB Postgres Ark Notifications
- EDB Postgres Ark Resources
- Creating a Statically Provisioned Image
- AWS IAM Role Permission Policy
- Amazon IAM Role Trust Relationship
- Amazon Service User Security Policy
- Conclusion