Versions Compared

Old Version 3

changes.mady.by.user NIDHI BHANDARI

Saved on

compared with

New Version 4

changes.mady.by.user NIDHI BHANDARI

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Version published after converting to the new editor

Applies to:Image ModifiedKyvos Enterprise  Image ModifiedKyvos Cloud (Managed Services on AWS)  Image ModifiedKyvos Azure Marketplace

Image ModifiedKyvos AWS Marketplace  Image ModifiedKyvos Single Node Installation (Kyvos SNI)  Image ModifiedKyvos Free (Limited offering for AWS)

...

This section presents the list of permission required for the EC2 role.

...

Permissions required for external repository RDS 

From Kyvos 2023.2 onwards, for AWS, the following RDS permissions will be required to upgrade IAM roles using a shared template.

Purpose 

Permissions required  

Scenario(s) for which this permission is required  

Impact of not granting permission  

Alternate plan (if any) 

Conditional based Access 

To automate the back up and restoration process of external repository RDS during rollback and upgrade 

“rds:DescribeDBInstances” 

"rds:StopDBInstance" 

"rds:DescribeDBSnapshots" 

"rds:CreateDBSnapshot" 

"rds:RestoreDBInstanceFromDBSnapshot" 

"rds:DeleteDBInstance” 

When Kyvos use an external repository RDS 

Without this permission, the backup and restoration process will not be automated. 

If this fails, you need to manually  backup and restore the external repository RDS 

 

...