Cloud 9 Settings Configuration

Create IAM Role

  1. Log into your AWS Account you are using for this workshop.
  2. Follow this link to create an IAM role with Administrator access.
  3. Confirm that AWS service and EC2 are selected, then click Next: Permissions to view permissions. cloud9create
  4. Confirm that AdministratorAccess is checked, then click Next: Tags to assign tags. cloud9create
  5. Take the defaults, and click Next: Review to review. cloud9create
  6. Enter devsecops-workshop-admin for the Name, and click Create role.

Ensure that the name of the role is devsecops-workshop-admin

cloud9create

Attach IAM Role to your Cloud9 instance

  1. Click the grey circle button (in top right corner) and select Manage EC2 Instance cloud9create
  2. Select the instance, then choose Actions / Security / Modify IAM Role cloud9create
  3. Choose devsecops-workshop-admin from the IAM Role dropdown, and select Save cloud9create

Update Cloud9 IAM Settings

Return to your Cloud9 workspace and click the gear icon (in top right corner)

  1. Open Project Settings
  2. Select AWS SETTINGS
  3. Turn off AWS managed temporary credentials

Let’s make sure we have the right settings with the AWS CLI.

To ensure temporary credentials aren’t already in place we will also remove any existing credentials file:

rm -vf ${HOME}/.aws/credentials

Use the GetCallerIdentity CLI command to validate that the Cloud9 IDE is using the correct IAM role.

aws sts get-caller-identity \
--query Arn | grep devsecops-workshop-admin -q \
&& echo "IAM role valid" || echo "IAM role NOT valid"

cloud9create

Change EC2 Instance Settings

  1. Open Project Settings
  2. Select EC2 Instance
  3. Change Stop my environment to a day.

cloud9create