Ylastic and IAM role for cross AWS account access
Ylastic uses IAM roles provided by you to access and manage AWS account resources. There are two ways to create the role.
Manual Configuration - You can create an IAM role, assign permissions (choose the perms from one of the sample policies listed in this section), and set up trust relationship with Ylastic.
Automatic Configuration - You also have the option to quick create the IAM role and necessary permissions by using the quick create links. These are links to CloudFormation Templates that can create, assign perms and configure the role. All you have to do is select the link. That will take you to the template launch page. Click to create and configure a new IAM role in the AWS account that you are logged in.
The IAM permissions required in Ylastic will change from time to time as we add more services or enhance the existing feature set. If this is the case, you can remove the IAM role and re-create it using the quick links. The Cloudformation templates used will always be updated to reflect the latest set of perms needed.
To remove the IAM role all you have to do is delete the CloudFormation stack. That will automatically remove the IAM role.