Privileges Required to Use AWS EC2 Connector

To use the AWS EC2 Connector, you need one of the following:

• scheduler-administrator or redwood-administrator role.
• scheduler-user or redwood-login role in combination with the following system-wide, Partition-wide or object-level privileges.

Built-in Roles

• The scheduler-administrator or redwood-administrator built-in role provides full control over the AWS EC2 Connector.
• The scheduler-viewer built-in role provides read-only access to the AWS EC2 Connector.

Creating, Modifying, and Deleting AWS Connections

You need all of the following privilege ranks to be able to create, modify, and delete AWS Connections.

• View or any other rank - on the GLOBAL.Redwood.REDWOOD.AWS.REDWOOD.Utilities Application.
• View or any other rank - on the existing Job Server and Queue for the Connection, if applicable.
• Create - on Job Server and Queue, if these need to be created.

Using AWS EC2

• View or any other rank - on the .Redwood.REDWOOD.AWS.REDWOOD.EC2 Application.
• View or any other rank - on the REDWOOD.Redwood_AWS_EC2_InstanceIdConstraint constraint.
• View or any other rank - on the REDWOOD.Redwood_AWS_EC2_NotStoppedInstanceIdConstraint constraint.
• View - on EXTConnection and AWSConnection.
• View - on the component's Job Server.
• JobAdministrator - on the component's Queue.
• View - on REDWOOD.Redwood_AWS_EC2 library.
• Run - on Job Definitions you wish to use.