These lists are a guide to Amazon policies only. Please check your policies with your AWS expert.
| Abiquo Functionality | Policies | Notes | | Reseller admin user | Reseller customer user | Standard
billing
user | Standard
admin
user |
|---|
| Billing dashboard for customers | "AmazonS3ReadOnlyAccess" | To allow the Billing process to access the S3 bucket to obtain the CSVs. | |
|
|  |
|
| Price list synchronization | "AWSPriceListServiceFullAccess" | To synchronize the prices of the hardware profiles in pricing models |
|
|
| |
|
| Compute features | - ec2
- elasticloadbalancing
- cloudwatch
- autoscaling
- IAM ServerCertificate
- List, Get, Update, Create
| To create resources | | | |
| |
| Create customer account for partners | "CreateServiceLinkedRole",
"AssumeRole"
| To create a customer account under a partner account.  Also requires compute features |
| |
|
|
|
| Export template to AWS | "vmimport" role | To export templates to AWS your account will require a service role |
| | |
| |
Click here to show/hide the example of compute policies
These policies allow users to work with the AWS compute functionality in the platform.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "elasticloadbalancing:*",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "cloudwatch:*",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"iam:DeleteServerCertificate",
"iam:UploadServerCertificate",
"iam:ListServerCertificates",
"iam:GetServerCertificate"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "autoscaling:*",
"Resource": "*"
}
]
}
Click here to show/hide the example of pricing policies
These policies allow the user to onboard and synchronize price lists for hardware profiles for use in pricing models
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "elasticloadbalancing:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "cloudwatch:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "pricing:*",
"Effect": "Allow",
"Resource": "*"
}
]
}
Click here to show/hide the example of policies to create customer accounts
These policies allow the user to create a customer account
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"organizations:*",
"iam:CreateServiceLinkedRole",
"sts:AssumeRole"
],
"Resource": "*"
},
{
"Action": "ec2:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "elasticloadbalancing:*",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "cloudwatch:*",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"iam:DeleteServerCertificate",
"iam:UploadServerCertificate",
"iam:ListServerCertificates",
"iam:GetServerCertificate"
],
"Resource": "*"
}
]
}