To deploy AUTOMATE LIGHT, AUTOMATE READ ONLY and AUTOMATE+, you must be logged into the appropriate AWS account using one of the following two methods:
a) AWS IAM User with Admin Access
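b) AWS IAM User with the appropriate AWS IAM permissions. The text file below contains the permissions this AWS IAM User needs during the deployment process. This is the narrower of the two options, but it still grants `wellarchitected:*`, `securityhub:*` and `config:*` on all resources and `iam:*` on roles and policies matching the listed name prefixes, so it is best attached only for the duration of the deployment.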
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"Action": [
"wellarchitected:*",
"securityhub:*",
"config:*",
"s3:GetObject",
"cloudformation:GetTemplateSummary",
"iam:ListRoles",
"sns:ListTopics",
"cloudformation:ListStacks",
"iam:ListPolicies",
"iam:ListPolicyVersions",
"iam:ListAttachedRolePolicies",
"iam:ListRolePolicies",
"ssm:DescribeAutomationExecutions",
"ssm:GetAutomationExecution",
"logs:DescribeLogGroups"
],
"Resource": [
"*"
]
},
{
"Sid": "Statement3",
"Effect": "Allow",
"Action": [
"cloudformation:*"
],
"Resource": [
"arn:aws:cloudformation:*:*:stack/six-pillars*"
]
},
{
"Sid": "Statement4",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::*:role/AWSServiceRoleForConfig",
"arn:aws:iam::*:role/AWSServiceRoleForSecurityHub"
]
},
{
"Sid": "Statement2",
"Effect": "Allow",
"Action": [
"iam:*"
],
"Resource": [
"arn:aws:iam::*:role/SO0111*",
"arn:aws:iam::*:role/six-pillars*",
"arn:aws:iam::*:role/SixPillars*",
"arn:aws:iam::*:policy/SixPillars*",
"arn:aws:iam::*:policy/six-pillars*"
]
}
]
}