Customize Aviatrix IAM Role Names for Secondary Accounts
Step 2: Download Aviatrix CFT
Use the URL shown in the screenshot below to download the Aviatrix CloudFormation template (CFT) to your local computer.
Step 3: Modify/Customize CFT
Replace the following highlighted string with your desired role name to create your own IAM role, which is equivalent to “aviatrix-role-ec2”.
Replace the following highlighted string with your desired role name to create your own IAM role, which is equivalent to “aviatrix-role-app”.
If your new “aviatrix-role-app” role name doesn’t have the prefix string “aviatrix”, then you need to replace the following highlighted string with your role name.
We recommend keeping the prefix string “aviatrix” for Aviatrix IAM resources. However, if your new “aviatrix-role-app” role name doesn’t have the prefix, make sure the IAM policy “aviatrix-assume-role-policy” in both the controller and secondary AWS accounts allows you to assume both the existing “aviatrix-role-app” and the new “aviatrix-role-app” that you create.
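One way to check the requirement above offline before creating the stack, as an added example (not Aviatrix's code): it evaluates a policy document in the role of “aviatrix-assume-role-policy” against a list of role ARNs and reports the ones that cannot be assumed. The policy shape, the placeholder account ID 111122223333 and the role name netops-role-app are assumptions for illustration, and the check goes slightly beyond the text by also honoring explicit Deny statements.

```python
import json
import re

# Constructed sample: an identity policy that only allows assuming roles
# whose names start with "aviatrix-" (assumed shape, not copied from the page).
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["sts:AssumeRole"],
     "Resource": "arn:aws:iam::*:role/aviatrix-*"}
  ]
}
""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _iam_match(pattern, value, ignore_case=False):
    """IAM wildcard match: '*' is any run of characters, '?' is exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, value, re.I if ignore_case else 0) is not None

def can_assume(policy, role_arn):
    """True if the policy allows sts:AssumeRole on role_arn and no Deny matches.
    Statements using NotAction/NotResource are skipped; Condition is ignored."""
    allowed = False
    for stmt in _as_list(policy.get("Statement", [])):
        if "Action" not in stmt or "Resource" not in stmt:
            continue
        hit = (any(_iam_match(a, "sts:AssumeRole", True) for a in _as_list(stmt["Action"]))
               and any(_iam_match(r, role_arn) for r in _as_list(stmt["Resource"])))
        if hit and stmt.get("Effect") == "Deny":
            return False  # an explicit Deny always wins
        allowed = allowed or (hit and stmt.get("Effect") == "Allow")
    return allowed

def unassumable(policy, role_arns):
    """Return the role ARNs the policy would not let the caller assume."""
    return [arn for arn in role_arns if not can_assume(policy, arn)]

if __name__ == "__main__":
    # Hypothetical role names in a placeholder account ID.
    roles = ["arn:aws:iam::111122223333:role/aviatrix-role-app",
             "arn:aws:iam::111122223333:role/netops-role-app"]
    for arn in unassumable(SAMPLE_POLICY, roles):
        print("policy does not allow sts:AssumeRole on", arn)
```

This only inspects the caller-side policy; the trust policy on each role in the secondary account must still name the controller account as a principal.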
Step 4: Create CFT Stack
Use the CFT you customized in the previous step to create a CFT stack.
Enter the AWS-Account-ID of the controller.
Click [Next], then use the default configurations to create the stack.
Step 5: Save the 2 IAM role ARNs
After stack creation has completed, click the [Outputs] tab and copy the 2 ARNs for your roles.
Step 6: Invoke Aviatrix API to Create Access Account
Step 7: Verify the work by creating an Encrypted Peering
After peering, the status should be UP and Green within 1-5 minutes!