
You must configure certain permissions in AWS Route 53 before synchronization with BloxOne Universal DDI. Synchronizing AWS Route 53 without configuring these permissions may cause errors.

...

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "route53:CreateHostedZone",
                "route53:GetHostedZone",
                "route53:ListHostedZones",
                "route53:ChangeResourceRecordSets",
                "route53:ListVPCAssociationAuthorizations",
                "route53:ListResourceRecordSets",
                "route53:DeleteHostedZone",
                "route53:UpdateHostedZoneComment",
                "route53:ListTagsForResources",
                "ec2:DescribeRegions",
                "ec2:DescribeVpcs",
                "route53:ListQueryLoggingConfigs",
                "route53:ListTrafficPolicyInstancesByHostedZone"
            ],
            "Resource": "*"
        }
    ]
}

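The following permissions are required for cloud forwarding. This policy allows every Route 53 Resolver action (`route53resolver:*`) on all resources (`"Resource": "*"`), so attach it only to the IAM identity dedicated to the BloxOne integration: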

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "route53resolver:*",
                "ec2:DescribeNetworkInterfaces",
                "ec2:CreateNetworkInterface",
                "ec2:DeleteNetworkInterface",
                "ec2:GetSecurityGroupsForVpc",
                "ec2:DescribeRegions",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeAvailabilityZones",
                "ec2:ModifyNetworkInterfaceAttribute",
                "ec2:CreateNetworkInterfacePermission",
                "ec2:DescribeSecurityGroups"
            ],
            "Resource": "*"
        }
    ]
}

...