Setting up AWS permissions to perform monitoring and backup with Nectus


Nectus AWS monitoring does not require root user permissions to performs it’s actions. Actually it requires a small set of permissions, so it’s more secure and reasonable to have a special AWS user’s account having that minimal set of grants. This guide will show to create such user’s account.

First login to the AWS console as a root user and choose IAM from the list of Services.

When you see the following form, choose Users.

Then select “Add user” on the following screen.

Enter user name and enable “programmatic access” in the next form.

Select “Attach existing policies directly” and then enable following 3 policies:

  • AmazonEC2FullAccess
  • CloudWatchActionsEC2Access
  • CloudWatchReadOnlyAccess

They could be found using “Filter policies” field.

After that click “Next: Review” button and you’ll see the following screen. Click “Create User” button.

If everything is OK and the user was created in AWS then the following form will appear. You should store Access key ID and Secret access key of the user since they are required by Nectus Monitoring. Click “Download .csv” and store this file. Also you can click “Show” to display the secret access key on the screen.

Last step is integrating AWS user’s access keys into Nectus Monitoring. Select Settings -> General Settings -> AWS integration in the Nectus GUI.

In the following form paste Access Key ID and Secret Access Key copied from AWS console (or from downloaded .csv-file).

Click OK to save the changes and Nectus is ready to perform AWS monitoring and backup.