Authorizing the use of EC2 Assigned Role for Amazon credentials

EC2 Assigned Role (added in Trust Protection Platform 20.4) is for use with instances of Trust Protection Platform that are running in EC2. You can use this role to acquire temporary access keys for issuing certificates from AWS, provisioning them, as well as for Onboard Discovery.

As an added security measure, you must either be a master administrator or have been added to AWS EC2 Role Authorized Identities by a master administrator to use EC2 Assigned Role as the source for your Amazon credential. Without this security control, any user would be able to use this mode without the ability to verify that they're entitled to use it.

NOTE  The following procedure is for master administrators. If you're not a master administrator, contact one and request that you be added to the EC2 Assigned Role Authorized Identities list. Consider sharing the URL of this page with your administrator if she's not familiar with this feature.

To authorize users or groups to use the EC2 Assigned Role option

  1. From the TLS Protect menu bar, click Policy Tree.

  1. Select the root platforms object and this click the AWS EC2 Role Authorized Identities tab.
  2. Click Browse button and move identities from Available to Selected, and then click Select.
  3. When you're finished adding identities, click Save.

For more information about EC2 integration with Trust Protection Platform, see Configuring Cloud Instance Monitoring using Amazon Web Services.