Enable full access
To enable advanced features in MilkStraw AI, you need to update your AWS IAM policy to grant us the necessary permissions to apply savings on your account.
Step 1 - Update the IAM Policy
-
Find the MilkStraw AI access role
In the AWS Management Console, go to IAM (Identity and Access Management), then look for the role you created for us.
-
Edit the Existing Policy
Find the policy in the role under “permissions” and click on Edit Policy.
-
Replace policy permissions
In the Policy Editor, switch to the JSON tab. Copy and paste the following JSON to add the required permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"application-autoscaling:Describe*",
"autoscaling:Describe*",
"ce:Describe*",
"ce:Get*",
"ce:List*",
"cloudwatch:GetMetricData",
"ec2:Describe*",
"ec2:AcceptReservedInstancesExchangeQuote",
"ec2:CancelReservedInstancesListing",
"ec2:CreateReservedInstancesListing",
"ec2:DeleteQueuedReservedInstances",
"ec2:ModifyReservedInstances",
"ec2:PurchaseHostReservation",
"ec2:PurchaseReservedInstancesOffering",
"rds:Describe*",
"rds:List*",
"rds:PurchaseReservedDbInstancesOffering",
"elasticache:List*",
"elasticache:Describe*",
"elasticache:PurchaseReservedCacheNodesOffering",
"es:Describe*",
"es:List*",
"es:PurchaseReservedInstanceOffering",
"organizations:InviteAccountToOrganization",
"organizations:List*",
"organizations:Describe*",
"pricing:DescribeServices",
"pricing:GetAttributeValues",
"pricing:GetProducts",
"savingsplans:Describe*",
"savingsplans:List*",
"servicequotas:Get*",
"servicequotas:List*",
"support:*"
],
"Resource": "*"
}
]
}
-
Save and Apply
Click Review Policy, then Save Changes to apply the updated permissions.
Step 2 - Verify changes
Refresh webapp.
Additional Resources
AWS IAM Policies Documentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
Was this page helpful?