You must configure certain permissions in AWS Route 53 before synchronization with BloxOne Universal DDI. Synchronizing AWS Route 53 without configuring these permissions may cause errors.
...
Code Block | ||
---|---|---|
| ||
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "route53:CreateHostedZone", "route53:GetHostedZone", "route53:ListHostedZones", "route53:ChangeResourceRecordSets", "route53:ListVPCAssociationAuthorizations", "route53:ListResourceRecordSets", "route53:DeleteHostedZone", "route53:UpdateHostedZoneComment", "route53:ListTagsForResources", "ec2:DescribeRegions", "ec2:DescribeVpcs", "route53:ListQueryLoggingConfigs", "route53:ListTrafficPolicyInstancesByHostedZone" ], "Resource": "*" } ] } |
The following permissions are required for cloud forwarding:
Code Block |
---|
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"route53resolver:*",
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:GetSecurityGroupsForVpc",
"ec2:DescribeRegions",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeAvailabilityZones",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:CreateNetworkInterfacePermission",
"ec2:DescribeSecurityGroups"
],
"Resource": "*"
}
]
} |
...