Storage Encryption
Steps to provide permission for Resilience service to create encryption keys in the recovery region
Log in to the AWS console with the IAM create/write access. Please make a note of your recovery region/s as we will be using that in our policy.
Follow these five steps to enable the Appranix resilience service to create encryption keys for the recovery region.
- Once you are in the console, select the “IAM” service and select “Roles” on the side menu
- List of pre-existing roles will appear. On the Search text box, type “AppranixProtectServicePermissions”. You will be able to find a role with the prefix “AppranixProtectServicePermissions”
- Click on the role and navigate to the “Permissions” tab
- Click on the policy link. Then click the “Edit Policy” and select the “JSON” tab
- Update the policy statement by copying the below content into the policy statement
NOTE: Change the regions in the "aws:RequestedRegion" property from the table below.
{ "Sid": "CreateKeyAndAlias", "Effect": "Allow", "Action": [ "kms:CreateKey", "kms:CreateAlias", "kms:TagResource" ], "Resource": "*", "Condition": { "StringEquals": { "aws:RequestedRegion": [ "us-east-1" ] } } }
The following table lists the name and code of each region.
| Region Name | Code |
|---|---|
| US East (Ohio) | us-east-2 |
| US East (N. Virginia) | us-east-1 |
| US West (N. California) | us-west-1 |
| US West (Oregon) | us-west-2 |
| Africa (Cape Town) | af-south-1 |
| Asia Pacific (Hong Kong) | ap-east-1 |
| Asia Pacific (Mumbai) | ap-south-1 |
| Asia Pacific (Osaka-Local) | ap-northeast-3 |
| Asia Pacific (Seoul) | ap-northeast-2 |
| Asia Pacific (Singapore) | ap-southeast-1 |
| Asia Pacific (Sydney) | ap-southeast-2 |
| Asia Pacific (Tokyo) | ap-northeast-1 |
| Canada (Central) | ca-central-1 |
| China (Beijing) | cn-north-1 |
| China (Ningxia) | cn-northwest-1 |
| Europe (Frankfurt) | eu-central-1 |
| Europe (Ireland) | eu-west-1 |
| Europe (London) | eu-west-2 |
| Europe (Milan) | eu-south-1 |
| Europe (Paris) | eu-west-3 |
| Europe (Stockholm) | eu-north-1 |
| Middle East (Bahrain) | me-south-1 |
| South America (São Paulo) | sa-east-1 |
Need more help?
Submit a ticket