Note that Cloudaware requires read-only permissions to collect data from cloud providers.
Adding AWS Account Using Access And Secret Keys
1.
a) If starting a trial with Cloudaware, check your email to locate a welcoming message and click Add AWS Account in it.
b) If you are logged in to your Cloudaware account, select Admin in the menu under your username. Locate Amazon Organizations & Accounts. Click +Add.
2. Select Using Access and Secret Keys as an integration type. Click Cloudaware IAM policies to download the policies Collector Part #1 and Collector #2. The rest of IAM Policies are optional depending on the functionality you are going to use.
3. Sign in to your AWS console. Go to Services, locate the section 'Security, Identity, & Compliance' and select IAM.
4. Select 'Users' and click Add User.
5. Fill in the Account name, check the box 'Programmatic access' and click 'Next: Permissions'.
6. 'Set permissions' and 'Add user to group' are optional.
7. 'Add tags' is optional.
8. Review your choice and click Create user.
9. You will receive the Access key and the Secret key for this user. As an option, you may download the credentials.
10. Go back to the list of users and choose the one you have recently created. Select the tab 'Permissions' and click Add Inline policy. On the next page select the tab 'JSON' and add the code from Cloudaware console (Amazon account details).
11. Open the previously downloaded file in any text editor, copy the code and paste it in the Policy Document. Click Review Policy.
Fill in the name and click Create policy.
12. Fill in the Account name, Access key and Secret key and click Check. Your AWS Account will be added automatically.
Adding AWS Account Using IAM Role (More Secure)
1.
a) If starting a trial with Cloudaware, check your email to locate a welcoming message and click Add AWS Account in it.
b) If you are logged in to your Cloudaware account, select Admin in the menu under your username. Locate Amazon Organizations & Accounts. Click +Add.
2. Select Using IAM Role as an integration type and download the CloudFormation template.
3. Sign in to your AWS console. Go to Services, locate the section 'Management & Governance' and select CloudFormation.
4. Click Create Stack → With new resources (standard)
5. Select Upload a template file → Choose file to apply the downloaded template, click Next.
6. Fill in Stack name and External ID*.
*You can generate External ID in the Cloudaware console by clicking 'Generate Random' button (see the form in p. 2)
7. In the section 'Policies' enable preferred features, click Next.
8. Optional: set up tags and permissions on the Options page.
9. On the Review page check the details, check the box I acknowledge that AWS CloudFormation might create IAM resources with custom names. Click Create Stack.
10. Wait until the stack is created.
11. Open the tab 'Outputs' for the created stack. Copy the IAM Role ARN value.
12. Go back to the Admin console. Fill in the Account Name, select Trusted Account, paste Role ARN and insert External ID. Click Check → Add.