Remote Network And System Administration Job In IT And Networking

Devops freelancer for cross-domain IAM role


What we want to achieve is giving IAM users that are members of a group in AWS Account B access to a folder in an S3 bucket in Account A using a cross-domain IAM role. The folder to which the IAM user in Account B needs access is a folder with the same name as the IAM user in Account B. Exceptions need to be made possible, both from Account A and from Account B. Not necessarily both at the same time, since the setup will be different; I do realize that.

We have Account B, which has IAM users as part of a group that has an IAM policy that gives them the right to assume a role defined in Account A. The role in Account A has Account B as a trusted entity.

What is already set up and working?
  • I have an IAM policy in Account A with a role defined that is linked to a trusted identity (= Account B).
  • I have a test.user1 in Account B that has the correct assume-role rights for the role in Account A that can access the bucket.
  • Accessing this bucket works in the console using the Switch Role option. But the access is too wide at this moment.

I will provide some articles to the selected person through Toogit chat.

What still needs to be done? What are the deliverables for this job?
  • Make it work in the AWS CLI using the assume role option. I didn't manage to get that working yet.
  • Fine-tune the IAM policy to make sure the users in Account B can only write new objects, nothing else.
  • Make sure username test.user1 can only write in folder test.user1 using an IAM variable aws:username.
  • Figure out how to create extra policies in Account A to make sure users in Account B can have access to additional folders and test it.
  • Figure out how to create extra policies in Account B to make sure users in Account B can have access to additional folders and test it.

Important remark: I need someone who has done this before and really understands this thoroughly or someone that has the time and has 2 AWS accounts to set it up in test.

About the recruiter
Member since Mar 14, 2020
Kevin Wu
from Vellise, France

Skills & Expertise Required

DevOps Amazon 

Candidate shortlisted and hired

Hiring open till - Dec 13, 2022

Work from Anywhere

40 hrs / week

Fixed Type

Remote Job

$95.88

Cost
