Cloudaware uses OAuth standard to identify users who send requests to Cloudaware API. A current user should get a specific token to add or see accounts depending on their permissions.
Get OAuth token
1. Log in to your Cloudaware account → Admin.
2. Select OAuth on the left → +Create New Token → Create Token.
You may be redirected to an intermediate force.com page to grant access to CloudAware OAuth2. Click Allow.
3. Click Copy To Clipboard to copy and save the token.
4. Click Got It, Сlose Window to proceed.
5. Check the list of tokens counts.
You can have only 4 (four) active tokens at a time! The column 'Use Count' shows the number of times the token has been used.
6. Note that if a token has been compromised, it must be revoked: click triple dots → Revoke → Yes, Revoke.
7. Click +Create New Token to get a new token if necessary.
8. If you have IP restrictions in your environment, edit OAuth policies settings as shown in the tip below.
8.1. Log in to your Cloudaware account → Setup:
8.2. Type Apps in the Search bar → Connected Apps → Manage Connected Apps → click on the Cloudaware OAuth2 app:
Click Edit Policies:
8.3. Select 'Relax IP restrictions' in 'IP Relaxation':
Click Save.
Get API key
The API key is required for performing requests to Cloudaware API.
1. Create a Google Cloud Project account.
2. Submit an access request to support@cloudaware.com providing the full e-mail of the associated Google Cloud Project account.
3. Activate access to Cloudaware API using API Manager. Go to https://console.cloud.google.com → open a navigation menu (hamburger button) → select 'APIs & Services' in the menu on the left.
Select 'Library' → filter by Private.
4. Select external.endpoints.cloudaware-vm.cloud.goog → Enable.
5. Go back to 'APIs & Services' → Credentials → Create credentials → API Key.
6. Copy the API Key to the clipboard:
Add AWS accounts using API
The Google APIs Explorer is a tool allowing to explore and test APIs.
1. Go to Google APIs Explorer using this link.
2. Click on a gear button. Select 'Set API key / OAuth 2.0 Client ID':
Insert API key and OAuth 2.0 token. Click Save.
3. Go to Services → External API v1 → select external.amazon.account.create
4. Fill out the form:
WHERE
token - insert the OAuth token generated before. Select fields in ‘Request body’ to make it look like below:
sandbox - select ‘true’ if your Salesforce org is a sandbox, otherwise select ‘false’
Request body - select properties successively as role, trustedAccount, accountId, externalId, usages, name
{
"role":
{
"trustedAccount":
{
"accountId": ""
},
"externalId": ""
},
"usages":
[
],
"name": ""
}
5. Click Authorize and Execute.