Create an IAM (Identity and Access Management) role for the policy described in Configuring the IAM policy.

As indicated in the steps below, the value of the sts:Externalid field and the role name must both be exactly vmimport.

To create an IAM role

  1. Type "IAM" in the search box.
  2. Select IAM in the search results to display the IAM dashboard.
  3. Select Access management> Roles in the navigation sidebar.
  4. Click Create role to display the Select trusted entity page.
  5. Under Trusted entity type, click Custom trust policy.

  6. Paste the following code under Custom trust policy

    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Principal": {
    "Service": "vmie.amazonaws.com"
    },
    "Action": "sts:AssumeRole",
    "Condition": {
    "StringEquals": {
    "sts:Externalid": "vmimport"
    }
    }
    }
    ]
    }
  7. Click Next.
  8. In the Add permissions page, select the policy described in Configuring the IAM policy.
  9. Click Next to display the Role details page.
  10. In the Role name field, type vmimport
  11. Click Create role.