Step 2: Creating an AWS Identity and Access Management user for your Jenkins CI Plugin
We recommend that you do not use your AWS root account to access Device Farm. Instead, create a new AWS Identity and Access Management (IAM) user (or use an existing IAM user) in your AWS account, and then access Device Farm with that IAM user.
To create a new IAM user, see Creating an IAM User (AWS Management Console). Be sure to generate an access key for each user and download or save the user security credentials. You will need the credentials later.
Give the IAM user permission to access Device Farm
To give the IAM user permission to access Device Farm, create a new access policy in IAM, and then assign the access policy to the IAM user as follows.
Note
The AWS root account or IAM user that you use to complete the following steps must have permission to create the following IAM policy and attach it to the IAM user. For more information, see Working with Policies
To create the access policy in IAM
Open the IAM console at https://console.aws.amazon.com/iam/
. -
Choose Policies.
-
Choose Create Policy. (If a Get Started button appears, choose it, and then choose Create Policy.)
-
Next to Create Your Own Policy, choose Select.
-
For Policy Name, type a name for the policy (for example,
AWSDeviceFarmAccessPolicy). -
For Description, type a description that helps you associate this IAM user with your Jenkins project.
-
For Policy Document, type the following statement:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "DeviceFarmAll", "Effect": "Allow", "Action": [ "devicefarm:*" ], "Resource": [ "*" ] } ] } -
Choose Create Policy.
To assign the access policy to the IAM user
-
Open the IAM console at https://console.aws.amazon.com/iam/
. -
Choose Users.
-
Choose the IAM user to whom you will assign the access policy.
-
In the Permissions area, for Managed Policies, choose Attach Policy.
-
Select the policy you just created (for example, AWSDeviceFarmAccessPolicy).
-
Choose Attach Policy.
