You’ll need an Amazon Web Services account before you can use Oauth.Us. That’s because all Oauth.Us providers run on your private AWS account to ensure the highest degree of security. If you’ve never used AWS before, Amazon provides a free tier that you can use for an entire year.
After you’ve set up your AWS account, you’ll probably want to create a special user for Oauth.Us with limited privileges. While you could use your “root” account, it’s not the best idea.
AWS Identity and Access Management (IAM for short) is where you can add and manage users. For example, you may want to add developers, system administrators, etc. To add a new user,
You want to choose a descriptive name such as “OauthUsUser” so that you won’t confuse it with actual users. Once you’ve created the user, you’ll want to record the access key ID and secret access key.
You’ll need these values later to use Oauth.Us.
Each IAM user can perform specific operations on your AWS account depending on the permissions you give it. Oauth.Us needs specific permissions to work. To set the permissions, select the proper IAM user and find the Inline Policies section. Create a new inline policy and select Custom Policy. In the policy document, copy the following:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "ec2:*",
      "Effect": "Allow",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "elasticloadbalancing:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "cloudwatch:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "autoscaling:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "cloudformation:CreateStack",
        "cloudformation:DeleteStack",
        "cloudformation:Describe*",
        "cloudformation:GetTemplate",
        "cloudformation:List*"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "iam:Get*",
        "iam:List*"
      ],
      "Resource": "*"
    }
  ]
}
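To see what this policy grants before attaching it to the limited user, the following added example (not part of the Oauth.Us documentation) summarises each service's Allow statements: full-service wildcard, read-only actions only, and whether any resource is permitted. The function names and the `READ_PREFIXES` heuristic are assumptions of this example; the embedded policy is the one above, compacted.

```python
import json

# The inline policy from this page, compacted (same statements, same order).
POLICY_JSON = """
{"Version": "2012-10-17", "Statement": [
 {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
 {"Effect": "Allow", "Action": "elasticloadbalancing:*", "Resource": "*"},
 {"Effect": "Allow", "Action": "cloudwatch:*", "Resource": "*"},
 {"Effect": "Allow", "Action": "autoscaling:*", "Resource": "*"},
 {"Effect": "Allow", "Action": ["cloudformation:CreateStack", "cloudformation:DeleteStack",
   "cloudformation:Describe*", "cloudformation:GetTemplate", "cloudformation:List*"],
  "Resource": "*"},
 {"Effect": "Allow", "Action": ["iam:Get*", "iam:List*"], "Resource": "*"}
]}
"""

# Review heuristic chosen for this example, not an AWS classification.
READ_PREFIXES = ("get", "list", "describe")

def as_list(value):
    """IAM accepts either a string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)

def audit(policy):
    """Summarise Allow statements per service. NotAction and Condition are not evaluated."""
    stmts = policy["Statement"]
    stmts = [stmts] if isinstance(stmts, dict) else stmts
    report = {}
    for stmt in stmts:
        if stmt.get("Effect") != "Allow":
            continue
        any_resource = "*" in as_list(stmt.get("Resource", []))
        for action in as_list(stmt.get("Action", [])):
            service, _, name = action.lower().partition(":")
            entry = report.setdefault(
                service, {"full_access": False, "read_only": True, "any_resource": False})
            entry["full_access"] |= name in ("*", "")  # "svc:*" or a bare "*"
            entry["read_only"] &= name.startswith(READ_PREFIXES)
            entry["any_resource"] |= any_resource
    return report

def full_access_services(report):
    """Services for which every action is allowed."""
    return sorted(s for s, e in report.items() if e["full_access"])

if __name__ == "__main__":
    result = audit(json.loads(POLICY_JSON))
    for service in sorted(result):
        print(service, result[service])
```

For this policy the summary shows four services with full access on all resources, while the IAM statement is limited to read-only calls.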
Once you’ve specified the policy, head back to the Oauth.Us documentation to start creating your own OAuth providers.