Skip to Content
Jun 26, 2019 at 07:59 AM

SAP Cloud Appliance Library - Deployment into AWS with assumeRole Calls



I am trying to deploy a CAL instance (S/4 HANA 1809) into my AWS account.
According to the information when specifying the AWS account for the deployment the following rights are required for the AWS account:

AmazonEC2FullAccess, AmazonVPCFullAccess, ReadOnlyAccess und AWSAccountUsageReportAccess

However according to our company policies it is not possible to assign AmazonEC2FullAccess and AmazonVPCFullAccess directly to a my AWS user account. The required rights should be retrieved via an STS AssumeRole API Call. This means that additionally to the Access and Secret key we would need a field to specify an
AWS Role ARN for the role that needs to be assumed for the deployment.

Is there a way to use AssumeRole calls for the CAL deployment into AWS?
If not, is this something which is planned to be available soon?

Thanks in advance and greetings.