Skip to content

Step 1: Setup AWS RoboMaker for simulation

Jump to bottom
Giovanni Bruno edited this page May 30, 2019 · 3 revisions

1. Create S3 buckets

  1. Go to console.aws.amazon.com/s3
  2. Press on + Create bucket
  3. Give a unique name (e.g. upbot-source), choose a Region and press next
  4. Choose your settings basing on your requirements and press next
  5. If you want your S3 Bucket private, check all marks and "Do not grant ...". Then press next
  6. Review if everything is ok! Then press Create bucket
  7. You have successfully created a S3 bucket to contain source files of your UPbot
  8. Repeat steps from 2 to 6 to create an output bucket used for logs and bags (e.g. upbot-output)
  9. You have successfully created a S3 bucket to contain output files of your running UPbot

2. Create a policy for Robomaker

  1. Go to console.aws.amazon.com/iam/policies
  2. Press on Create Policy
  3. Then click on JSON tab and delete everything
  4. edit following JSON changing bucket-source, bucket-output and yourAWScode:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "s3:ListBucket",
            "Resource": [
                "arn:aws:s3:::bucket-source"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "s3:Get*",
                "s3:List*"
            ],
            "Resource": [
                "arn:aws:s3:::bucket-source/*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": "s3:Put*",
            "Resource": [
                "arn:aws:s3:::bucket-output/*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogStreams"
            ],
            "Resource": [
                "arn:aws:logs:*:yourAWScode:log-group:/aws/robomaker/SimulationJobs*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "ec2:CreateNetworkInterfacePermission"
            ],
            "Resource": [
                "arn:aws:ec2:*:yourAWScode:*"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "ec2:AssociateRouteTable",
                "ec2:CreateSubnet",
                "ec2:DeleteNetworkInterface",
                "ec2:DeleteSubnet",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVpcs"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}

and paste in JSON tab
NOTE: bucket-source and bucket-output are your S3 buckets. You can find yourAWScode in IAM dashboard as https://yourAWScode.signin.aws.amazon.com/console
5. click on Review your policy
6. Give a name (e.g. upbot-robomaker-policy) and press Create policy

3. Create a role for Robomaker

  1. Go to roles
  2. Press on Create role
  3. Choose RoboMaker and RoboMaker - Simulation, then press Next: Permissions
  4. Add policy you created before (e.g. upbot-robomaker-policy) and press Next: Tags
  5. This is optional, so click on Next: Review
  6. Give a name to the role (e.g. upbot-robomaker), then click on Create role
  7. Opening your new role, you should see this in "trust relationships -> edit trust relationships":
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "robomaker.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}


Copyrights (c) 2019 Giovanni di Dio Bruno under MIT license.

Clone this wiki locally