...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Applies to:Kyvos Enterprise Kyvos Azure Marketplace
Kyvos AWS Marketplace Kyvos Free (
...
This section presents the list of permission required for the EC2 role.
...
Permissions required for external repository RDS
From Kyvos 2023.2 onwards, for AWS, the following RDS permissions will be required to upgrade IAM roles using a shared template.
Purpose | Permissions required | Scenario(s) for which this permission is required | Impact of not granting permission | Alternate plan (if any) | Conditional based Access |
---|---|---|---|---|---|
To automate the back up and restoration process of external repository RDS during rollback and upgrade | “rds:DescribeDBInstances” "rds:StopDBInstance" "rds:DescribeDBSnapshots" "rds:CreateDBSnapshot" "rds:RestoreDBInstanceFromDBSnapshot" "rds:DeleteDBInstance” | When Kyvos use an external repository RDS | Without this permission, the backup and restoration process will not be automated. | If this fails, you need to manually backup and restore the external repository RDS |
|
...