Configuring authentication with AWS
Before you can start using Cloudbreak for provisioning clusters, you must select a way for Cloudbreak to authenticate with your AWS account and create resources on your behalf.
There are two ways to do this:
-
Key-based: This is a simpler option which does not require additional configuration at this point. It requires that you provide your AWS access key and secret key pair in the Cloudbreak web UI later.
-
Role-based: This requires that you or your AWS admin create an IAM role (referred to as the CloudbreakRole) to allow Cloudbreak to assume AWS roles (the AssumeRole policy). Later, you must create another IAM role (referred to as the CredentialRole) for Cloudbreak to be able to perform specific actions via Cloudbreak credential.
If you chose the key-based option, you do not need to do anything at this point and can proceed to the next step.
If you chose the role-based option, proceed to create the CloudbreakRole and then attach the role to your VM. For more information on how role-based authentication works, refer to Authentication with AWS. For instructions on how to create and attach the CloudbreakRole, refer to the documentation linked below: