
AWS Account

To authenticate with your AWS account, you will need to grant AutoCloud read-only access to your resources.

Create a cross-account role

Creating a cross-account read-only role is the simplest and most secure way of authenticating with your AWS account. This role needs only the AWS managed "ReadOnlyAccess" policy. You can use either the AWS Console or Terraform to create the role and obtain its Role ARN.

Use Terraform to generate Role ARN

Generating a Role ARN with Terraform requires the following steps:

  1. Get your AutoCloud organization ID, which can be found in My Account.
  2. Head over to AutoCloud's AWS Terraform Module.
  3. Get the Provision Instructions, then copy and paste them into your Terraform configuration.
  4. The following assets will be created:
    1. aws_iam_role - The AWS IAM cross-account role
    2. aws_iam_role_policy_attachment - Several AWS IAM policy role attachments linking the cross-account role to the specific permissions allotted
  5. Copy the Role ARN.


Use AWS Console to create a Role ARN

Creating the role in the AWS Console requires a few steps:

  1. After you've created an AWS Service Discovery, click on "USE CLOUDFORMATION".
  2. Log in to AWS if you haven't done that already.
  3. In AWS Console, confirm the creation of the CloudFormation stack. This will create a read-only access role, named "AutocloudReadOnly".
  4. Wait for the CloudFormation stack to finish. This should take no more than a couple of minutes.
  5. Copy the new role ARN from CloudFormation stack outputs.
  7. Add the ARN following the steps below.
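Before handing the Role ARN to AutoCloud, it is worth confirming who the role trusts and what it can do. The check below is an added example, not AutoCloud's code: it audits the trust policy and attached-policy list in the JSON shape returned by `aws iam get-role` and `aws iam list-attached-role-policies`. The account ID `111122223333`, the external ID value and the sample documents are constructed placeholders, and whether AutoCloud's trust policy carries an `sts:ExternalId` condition is an assumption, so its absence is reported as a finding to review.

```python
READ_ONLY_ARN = "arn:aws:iam::aws:policy/ReadOnlyAccess"

def _account_of(principal):
    # Accepts a bare account ID or an IAM ARN (arn:aws:iam::<account>:root)
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def audit_role(trust_policy, attached, trusted_account, allowed=(READ_ONLY_ARN,)):
    """Return findings for a cross-account role; an empty list means nothing flagged."""
    findings = []
    statements = trust_policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            values = [values] if isinstance(values, str) else values
            for value in values:
                if value == "*":
                    findings.append("trust policy allows any principal")
                elif kind != "AWS" or _account_of(value) != trusted_account:
                    findings.append(f"unexpected trusted principal: {kind} {value}")
        # Condition keys are case-insensitive: {"StringEquals": {"sts:ExternalId": "..."}}
        keys = {k.lower() for block in stmt.get("Condition", {}).values() for k in block}
        if "sts:externalid" not in keys:
            findings.append("no sts:ExternalId condition on the trust statement")
    for policy in attached:
        if policy["PolicyArn"] not in allowed:
            findings.append(f"attached policy outside allowlist: {policy['PolicyArn']}")
    return findings

# Constructed sample documents (placeholders, not real AutoCloud values)
GOOD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": "constructed-org-id"}}}]}
BAD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole", "Principal": {"AWS": "*"}}]}
GOOD_ATTACHED = [{"PolicyName": "ReadOnlyAccess", "PolicyArn": READ_ONLY_ARN}]
BAD_ATTACHED = GOOD_ATTACHED + [{"PolicyName": "AdministratorAccess",
                                 "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}]

if __name__ == "__main__":
    for name, trust, att in [("good", GOOD_TRUST, GOOD_ATTACHED), ("bad", BAD_TRUST, BAD_ATTACHED)]:
        print(name, audit_role(trust, att, "111122223333"))
```

If the role was created with the Terraform module, which attaches several policies, pass the policy ARNs you expect as `allowed` so that only unexpected attachments are reported.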

Connect an AWS account to AutoCloud

  1. Go to Accounts.
  2. Click on "Create New" in the top right corner.
  3. Pick AWS as a provider.
  4. Name your account and add a description.
  5. Enter Role ARN to give AutoCloud read-only access. The credentials will be saved and you will be authenticated.
  6. Select services and regions.
  8. A new version will be created.
  9. Click on View to take a look at your cloud in the Environment Explorer.





Updated 03 Mar 2023