Skip to Content
Dec 08, 2013 at 08:23 PM

IAM Role instead of root? -> Didn't work for me. I used Group instead.



maybe anyone else tried to use an other user than root, following this FAQ-entry:

>> Is is possible to use an IAM role instead of the root AWS account?

>> Yes, this is possible. Please ensure that the IAM role has the following permissions configured: AmazonEC2FullAccess, AmazonVPCFullAccess,

>> ReadOnlyAccess and AWSAccountUsageReportAccess. You can then use the access and secret key of the IAM role in CAL.

It didn't work for me.

  • First i tried to attach the permissions directly to an additionaly created user SAP_CAL.
    The system complained about too many permissions attached to the user when i tried to attach the last one.
  • I created the Role and attached successfully all the permissions.
    But i wasn't able to attach the role to the user.
    (.. and i have no idea if there is a way to do so. I thought that the role might be attached to a group and authorize the users within the group)
  • At the end i created a group with all the mentioned permissions and included the user SAP_CAL to this group.
  • Finaly i entered the keys from the user SAP_CAL in the CAL and now it works fine.

Is any AWS-expert here to comment this?
(Maybe i was only going the wrong way?)

Best regards