Workflow Policy Validation

Every workflow needs a unique set of IAM policies depending on the AWS Resources involved and the actions performed.

Validating a workflow is the process through which TotalCloud ensures access to the right IAM policies to fetch resources and perform actions

You might also see Recommended Policies below the Required Policies in the Editor. It is a good practice to add these as Inline Policies.

Required Policies give TotalCloud access to run the workflow. Recommended Policies give TotalCloud the access to detect whether you have enough policies to run the workflow.

TotalCloud only takes permissions that are specific to the workflow. This ensures that you never give blanket permissions, and maximise security

Once you have finished creating your workflow, look above and you will find the policy validation status. A green tick indicates successful validation. A red-cross with Validation Failed next to it means that your workflow does not have the required IAM policies to execute.

In the case you have a red cross, you will need to click the​ re-validation button and add the necessary permissions.

Click on the Required Policies button to see the policies needed.

Copy the policies by clicking Copy to Clipboard, and then open IAM on your AWS Management Console.

Click Users/Roles depending on how you configured AWS access to TotalCloud. Select the User/Role attached to your account. Click Add Inline Policy.

Click JSON, and replace the code in the Editor with that copied from Required Policies on the TotalCloud WebApp. Click Review Policy.

Add a name for the policy, and then click Create Policy.

Go back to the TotalCloud Editor and click on Retry Validation. You will now get a green-tick and Validated next to it.