Instruqt Docs
  • 🚩Getting started
    • Overview
    • Setting up
      • Study Room
    • Quickstart
  • 🛤️Tracks
    • Manage tracks
      • Create tracks
      • Edit locally
      • Test tracks
      • Track logs
      • Track time limits
      • Track feedback
      • Developer workflow
      • Track tags
      • Track authors
      • Delete tracks
      • Custom layouts
      • Version control
      • Loading experience
    • Challenges
      • Create challenges
      • Challenge tabs
      • Challenge order
      • Skip challenges
      • Add quizzes
      • Assignment display
      • Assignment editor
    • Share tracks
      • Live Events
        • Instructor tools
      • Track invites
      • Embed tracks
      • Landing pages
  • 🏖️Sandboxes
    • Overview
    • Sandbox hosts
      • Add hosts
      • Custom VM images
      • Custom container images
      • Public images
      • Windows VMs
      • Website service
      • SSL certificates
    • Cloud accounts
      • Securing your cloud accounts
      • Cloud Client
      • AWS accounts
        • AWS Environment Variables
        • AWS Managed Policies
        • AWS IAM Policies
        • AWS SCP Policies
      • Azure subscriptions
        • Azure Environment Variables
        • Azure Roles
        • Azure Resource Providers
      • GCP projects
        • GCP Environment Variables
        • GCP IAM Permissions
    • Lifecycle scripts
      • Scripting overview
      • Track scripts
      • Challenge scripts
      • Example scripts
      • Helper scripts
    • UI Checks
    • Global Sandbox Settings
      • Hot start
      • Sandbox presets
      • Custom resources
      • Cloud services and regions
        • Allowed services and regions
    • Secrets and variables
      • Runtime variables
      • Runtime parameters
      • Secrets
  • ⚙️Settings
    • Integrations
      • Salesforce (Beta)
      • HubSpot (Beta)
      • HubSpot (Using zapier)
      • LTI
      • Version control
        • GitHub
    • Authentication
      • SSO
      • API keys
    • Platform
      • API
      • Webhooks
      • Track limits
  • 💡Reference
    • Feature overview
    • Instruqt CLI
      • Commands
      • Configuration files
      • Assets
    • Instruqt platform
      • Networking
      • Host machine types
      • Quotas and limits
      • Roles and permissions
      • Network access
      • Requirements
  • 🛟Resources
    • Content design tips
    • Advanced use cases
    • Templates
    • FAQ
      • Running Windows Client Hosts on Instruqt
      • Using Cleanup Scripts in SaaS and Cloud Environments
      • Instruqt Regional Configurations and Restrictions
      • Troubleshooting Instruqt CLI Authentication Issues
      • Copy a Track from One Organization to Another via CLI
      • Network Configuration: IP and MAC Address Control
      • Container Troubleshooting in Instruqt
Powered by GitBook
On this page
  • Setting managed policies
  • User managed policies
  • Admin managed policies
  • Example managed policy

Was this helpful?

Edit on GitHub
  1. Sandboxes
  2. Cloud accounts
  3. AWS accounts

AWS Managed Policies

Setting managed policies

An AWS managed policy is a standalone policy that is created and administered by AWS.

— AWS documentation

User managed policies

The user managed policy applies to the learner that is taking the track. These permissions should be limited to the least access necessary to complete the track

Admin managed policies

An admin managed policy is the policy that applies to the lifecycle scripts. This can be an elevated permission to deploy resources on the cloud when a sandbox is deployed.

Example managed policy

The managed policies method is easier than the IAM and SCP policies but may grant learners more than the minimum access required to complete a track. The following example grants Virtual Private Cloud (VPC) administrator access, which allows learners to create and manage VPC networks:

Update your AWS account by entering the following in the User Managed Policies field:

arn:aws:iam::aws:policy/AmazonVPCFullAccess

And clicking Add.

Edit your config.yml file to include this content:

aws_accounts:
- name: awsaccount
  managed_policies:
  - arn:aws:iam::aws:policy/AmazonVPCFullAccess

See AWS managed policies on the AWS docs site for more information.

PreviousAWS Environment VariablesNextAWS IAM Policies

Last updated 1 day ago

Was this helpful?

🏖️