Remediation

From Command Line

1. Create an IAM role for managing incidents with AWS:

   • Create a trust relationship policy document that allows {{iam_user}} to manage AWS incidents, and save it locally as /tmp/TrustPolicy.json:

       {
           "Version": "2012-10-17",
           "Statement": [
               {
               "Effect": "Allow",
               "Principal": { 
                   "AWS": "{{iam_user}}"
               },
               "Action": "sts:AssumeRole"
               }
           ]
       }

2. Create the IAM role using the above trust policy:

   aws iam create-role --role-name {{aws_support_iam_role}} --assume-role-policy-document file:///tmp/TrustPolicy.json

3. Attach AWSSupportAccess managed policy to the created IAM role:

   aws iam attach-role-policy --policy-arn arn:aws:iam::aws:policy/AWSSupportAccess --role-name {{aws_support_iam_role}}