Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

This article instructs on adding an AWS account explains how to add AWS accounts to Cloudaware using the an AWS IAM role. Ensure you have a Cloudaware account and the necessary level of access to the AWS console before proceedingpermissions in AWS.

  1. Log in to your Cloudaware account → Admin.

...

  1. Find Amazon Organizations & Accounts. Click +N Configured +Add Amazon Account.

...

  1. ADD AMAZON ACCOUNT:

...

  1. Type AWS account name in the form. Select ‘AWS 'AWS IAM role’ role' as authentication type by clicking the corresponding tile.

a. Select AWS Partition.:

...

b. Click Generate Random (crossed arrows button) to generate External ID:

...

Copy and save External ID required for Cloudaware IAM Role creation in AWS console.

c. Select the preferable integration type for IAM role creation by clicking the corresponding tile.

...

CloudFormation Stack

...

CloudFormation Template

...

option for CloudFormation stack creation:

Continue with the point

Quick launch

Manual creation

This option allows launching AWS CloudFormation stack with a pre-generated Cloudaware template. Click Launch Stack to be redirected to AWS Console:

Screenshot 2024-09-12 at 3.11.42 PM.pngImage Removed

'CloudFormation Template' aws start guide - using iam role - quick launch - launch. stack.pngImage Added

This option allows the manual creation of and setting up of a stack for the Cloudaware IAM roleAWS CloudFormation stack. Click Template to download* the CloudFormation template:

Screenshot 2024-09-12 at 3.12.59 PM.pngImage Removedaws start guide - using iam role - manual creation - download template.pngImage Added

*Download populated with account data - the template will contain your Cloudaware account-specific data with AWS Account data auto-populated, e.g. billing buckets
Download with placeholders - the template will contain placeholders that need to be populated with AWS accounts data

Replace the default placeholders of AccessRoleArn, AccessRoleName and AccessExternalId in both cases:

code

"ParameterLabels": {
    "AccessRoleArn": {
     "default": "CloudAware Role ARN"
    },
    "AccessRoleName": {
     "default": "CloudAware Role Name"
    },
    "AccessExternalId": {
     "default": "External ID"

4

...

4. In AWS console, if you chose:

...

CloudFormation Stack

...

. Log in to AWS console:

Quick launch

Manual creation

Note that Amazon S3 URL is pre-selected as Template source in Step 1. The URL for Cloudaware template is auto-populated. Click Next.

Screenshot 2024-09-12 at 11.26.52 AM.pngImage Removedaws start guide - using iam role - aws console - s3 url populated.pngImage Added

Go to All Services → the section 'Management & Governance' → CloudFormation

Click Create Stack → Stack  With new resources (standard).

Screenshot 2024-09-12 at 3.34.30 PM.pngImage RemovedAt the 'Step 1 - Create Stack'* select aws start guide - using iam role - aws console - create stack with new resources.pngImage Added

Select Upload a template file click Choose file* to upload the template. Click Next.

Screenshot 2024-09-12 at 3.35.00 PM.pngImage Removedaws start guide - using iam role - aws console - upload a template file.pngImage Added

* - upload the Cloudaware template.

At the 'Step 2 - 5. Specify stack details' in AWS:

a. Provide Stack name (or leave it as is, e.g. cloudaware-iam-role-stack)

...

CloudAware Role ARN: leave it as is

CloudAware Role Name: Replace replace auto-generate with a meaningful name, e.g. Cloudaware IAM _Role

External ID: paste External ID generated in the Cloudaware console (see step 3.b)

c. In the section 'Policies', select preferable features. Click Next.

At the 'Step 3 - Configure stack options' in AWS: set 6. Set up tags and permissions, stack failure options, and advanced options if necessary. Click Next.

At the 'Step 4 - Review and create' in AWS: check 7. Review the stack details and check . Check the box I acknowledge that AWS CloudFormation might create IAM resources with custom names. Click Submit.

...

Note

Please allow some time for the stack to be created.

8. Open the tab 'Outputs' for the created stack. Copy the IAM Role ARN value.

59. Go back to Cloudaware. Paste Role ARN in the form. Click Check:

...

Once validation is passed,click Add Save.

Your AWS account will be added automatically. Please allow some time for Cloudaware to gather data from your AWS account based on the granted permissionscollect AWS data.