Skip to main content

Configure AWS access credentials

NineData supports access key of the AWS account to create the terminal node of the private network connection for NineData, query some necessary information of the private network connection, EC2, RDS and other products, and establish the connection between the NineData server and the database. Peer-to-peer network connection.

Permission description

To leverage this menthod, user's AWS access credentials need to have the following permissions (presented in the form of JSON permission scripts).

{
    "Version":"2012-10-17",
    "Statement":[
        {
            "Effect":"Allow",
            "Action":[
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:CreateSecurityGroup",
                "ec2:CreateVpcEndpoint",
                "ec2:CreateSubnet",
                "ec2:DescribeInstances",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DescribeVpcEndpointServices",
                "ec2:DescribeVpcEndpoints",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSecurityGroupRules",
                "ec2:ModifyVpcEndpointServicePermissions",
                "rds:DescribeDBInstances"
            ],
            "Resource":"*"
        }
    ]
}
tip

For a sub-account, please contact the administrator to authorize the sub-account according to the content of this article.

Step 1: Create a custom policy

  1. Log in to the AWS IAM Console, click Access management > Policies in the left navigation bar.

  2. Click Create Policy in the upper right corner of the page to enter the Create Policy page.

  3. Click the JSON tab, copy the permission script in the Permission Description of this article, paste it into the text box below JSON, and click Next: Tags.

  4. Click Next: Review, and enter the policy name on the Review Policy page.

    tip

    The policy name supports 1 to 128 characters, which can contain English letters, numbers and special characters (‘+=,.@-_’).

  5. Click Create Policy.

Step 2: Add AccessKey

  1. Log in to the AWS IAM console, click Access management > Users in the left navigation bar, in the user list Find an authorized user and click on their username.

    tip

    The authorized user must belong to the AccessKey to be added.

  2. On the user details page, click Add permissions under the Permissions tab.

  3. Click Attach existing policies directly option, and find the custom policy created in Step 1 in the policy list below, click to select the policy, and click Next: Review.

    tip

    Enter a policy name in the search box for fuzzy search.

  4. Click Add Permissions to complete the authorization.

  5. Click the user name in the upper right corner of the console, click Security credentials in the pop-up drop-down window, or click [here](https://console.aws.amazon.com/iam/ home#/security_credentials) to enter the My security credentials page to obtain Access key ID and Secret access key. For more information, see Managing access keys for IAM users.

  6. Log in to NineData Console, click Datasource > Access Credentials on the left console, and click Create Credentials in the upper right corner, configure according to the table below, and click Create Credential.

    Parameter
    		Description
    NameEnter a credential name. To facilitate subsequent search and management, please try to use meaningful names.
    Cloud VendorClick AWS.
    TypeSelect AccessKey .
    Access KeyEnter the obtained Access key ID.
    Access Key SecretEnter the obtained Secret access key.
Last updated on