Create a Permission Set
Create a Permission Set and configure assignments to provide users with tailored access to Stax-managed AWS accounts.
Before You Begin
-
Estimated time to complete: 15-20 minutes
-
Ensure you are a member of the Admin role in your Stax tenancy
-
Have an intermediate understanding of AWS IAM Policies
-
Determine the IAM Policy to be assigned by reviewing the AWS managed policy list and/or have an inline IAM policy prepared in JSON format
Create a Permission Set
- Log in to the Stax Console
- Choose Identity in the left-hand nav, then choose Permission Sets
- Choose +Create to get started
- On the Permission Set details page, complete the fields as appropriate:
- Permission Set Name: the name of the Permission Set. This is the name users will see when accessing Stax-managed AWS accounts using this Permission Set
- Description: A description of the Permission Set
- Max Session Duration: The maximum session duration for the Permission Set in seconds. Supported values are 3600 (1 hour) to 43200 (12 hours)
- For referencing AWS Managed Policies, review the list of available policies and copy and paste the name of the policy in the field provided, then click Add Note: As per IAM quotas, a default maximum of 10 managed policies can be added
- For entering a custom inline IAM policy, complete the fields as appropriate:
- IAM Policy Name: The name of the IAM Policy to be associated with this Permission Set
- IAM Policy: The JSON formatted IAM Policy document
Note: As per IAM character limits, policy size cannot exceed can't exceed 10,240 characters
- Apply any tags as appropriate, then choose Create to create the Permission Set
Once the Permission Set has been created, one or more Permission Set Assignments should be created to allow users to utilize it.