- 2 minutes to read
- Print
- DarkLight
- PDF
Connect an AWS account
- 2 minutes to read
- Print
- DarkLight
- PDF
This document explains the steps to integrating Amazon Web Services (AWS) with Cloud IAM to provision, manage, and monitor access to the Cloud Service Provider (CSP).
Cloud IAM also supports Google Cloud Services (GCP) and Microsoft Azure. If you want to integrate other CSPs, check the documentation Connect a Google Cloud account or Connect an Azure account.
Requirements
- An AWS account.
- A management account or account with IAM permissions.
Create a custom policy in the AWS Console
- In the AWS Console, navigate to the IAM page.
- Go to the Policies page.
- Click Create policy.
- In the Policy editor, click the JSON option.
- Copy the JSON content below and paste it into the policy editor.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"opsworks:DescribeStacks",
"iam:DeleteAccessKey",
"opsworks:DescribePermissions",
"iam:CreateUser",
"iam:CreateAccessKey",
"iam:CreateLoginProfile",
"opsworks:UpdateUserProfile",
"iam:RemoveUserFromGroup",
"iam:AddUserToGroup",
"iam:ListAttachedUserPolicies",
"iam:DetachUserPolicy",
"opsworks:CreateUserProfile",
"iam:DeleteLoginProfile",
"iam:ListAccessKeys",
"iam:GetPolicyVersion",
"iam:ListPolicies",
"iam:GetPolicy",
"iam:AttachUserPolicy",
"iam:DeleteUserPolicy",
"opsworks:DescribeUserProfiles",
"iam:UpdateAccessKey",
"iam:ListRoles",
"iam:DeleteUser",
"iam:ListUserPolicies",
"opsworks:DeleteUserProfile",
"iam:ListGroupsForUser",
"opsworks:DescribeInstances",
"iam:ListUsers",
"iam:ListGroups",
"iam:GetUser",
"iam:GetLoginProfile",
"iam:GetAccountAuthorizationDetails"
],
"Resource": "*"
}
]
}
- Click Next.
- Give your policy an easily identifiable name.
- Configure optional settings if needed.
- Click Create policy.
For more details, check the AWS documentation on Create IAM policies (console).
Create a user with the custom policy in the AWS Console
- In the AWS Console, navigate to the IAM page.
- Go to the Users page.
- Click Create user.
- Attribute a username and click Next.
- Select the option Attach policies directly.
- Select the policy you created in the previous steps from the list
- Click Create user.
For more details, check the AWS documentation on Create an IAM user in your AWS account.
Create an access key for the user in the AWS Console
- In the AWS Console, navigate to the IAM page.
- Go to the Users page.
- Click the user you created in the previous steps.
- Navigate to the Security credentials tab.
- In the Access keys section, click Create access key.
- Select the Third-party service option.
- Add a tag if needed.
- Click Create access key.
- Copy the access key value and the secret access key and paste them into a text editor. You can also click the Download .csv file button to download the credentials. You’ll need these values when you integrate your account with senhasegura.
For more details, check the AWS documentation on Manage access keys for IAM users.
Integrate AWS with Cloud IAM
- In the top left corner of the senhasegura platform, click on the Grid Menu, represented by the nine squares, and select Cloud IAM.
- In the side menu, select Settings > Accounts.
- Click the View actions icon, represented by the three vertical dots, and select the option Add account.
- In the pop-up window, give a Name for the account.
- Click AWS.
- Click the AWS tab.
- Paste the user access key in the Access Key field.
- Paste the secret key in the Secret Access Key field.
- Select the Default Region.
- Click the Confirm button.
Once you’re done, the senhasegura Accounts page will refresh with your newly integrated AWS account.
Do you still have questions? Reach out to the senhasegura Community.