Skip to content

Latest commit

 

History

History
33 lines (28 loc) · 1.28 KB

Service_Catalog.md

File metadata and controls

33 lines (28 loc) · 1.28 KB

AWS Service Catalog

  • Return to table of contents

  • Useful Links:

  • Exam Tips:

    • There's a requirement for a enduser to deploy products that they don't have permissions to do otherwise, in a self-service way.
    • Used to tag provisioned resources with corresponding unique identifiers for portfolio, product, and users. *** How it works:**
        1. Admins define products and portfolios using CloudFormation Templates and Service Catalog configuration
        1. Deploy portfolio to any service enabled regions.
        1. Service Catalog users review portfolios they have permissions on and launch product(s) into service enabled regions.
        1. Service Catalog launchers the infrastructure using defined templates. Service catalog users don't need infrastructure permissions .. only launch permissions.
        1. Products are available for usage.

If you want to give your enduser permission to launch a product you need this policy created and attached.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "servicecatalog:ProvisionProduct"
                ],
                "Resource": "*"
        }
    ]
}