In this example, we use a common use case where you need to monitor the state of your instances. The goal is to create an EIM profile with its own access keys for your automation tool, that enables it to only perform the required actions.
In this example, we will:
- Create a group of users.
- Create the adequate policy for this group.
- Create a user.
- Generate a pair of access key and secret key, that will be set for the instance and the program that will interact with our APIs to manage your infrastructure.
Use your EIM connector (CLI, Boto). In this example, we use boto2.
Create your group
Create an EIM policy document
In this example, the policy document allows Describe calls in FCU and LBU services:
Attach the policy to the group
Create your user
Add your user to the group
Generate access keys for your user
You now have a set of access key and secret key that can be used by your script to check the state of your infrastructure. We recommend to use these access keys for this purpose only.