Required permissions for the MGN Connector

In order to use MGN connector, you must have the required permissions in IAM.

For security best practices, it is recommended that the MGN connector will be accessed only by allowed personnel and will have the required OS patches. It is also recommended that the servers to which the MGN connector connects, will have all the required OS patches.

If you configure outputting logs to S3, first create an Amazon S3 bucket. it is recommended to apply S3 bucket security practices - following AWS official reference to S3 security practices

Refer to the next section to deploy permissions using a CloudFormation template.

Alternatively, in order to create the permissions manually, create the following IAM roles:

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Architecture overview

Create permissions manually