Add AWS Cloud Account
IAM roles are a secure way to grant permissions to entities that you trust. Examples of entities include the following:
– IAM user in another account.
– Application code running on an EC2 instance that needs to perform actions on AWS resources.
– An AWS service that needs to act on resources in your account to provide its features.
– Users from a corporate directory who use identity federation with SAML.
IAM roles issue keys that are valid for short durations, making them a more secure way to grant access.
Cloud Account Creation
1. Click on button on the screen or alternatively, navigate to Cloud Accounts dashboard and
2. Add Cloud Account screen would show up.
3. Select Amazon Web Services in Select Provider Screen and click
4. Select Region screen would appear, check on your desired regions and click
Note: All the regions would be selected by Default.
5. Enter a valid string in AWS Account Name field.
6. Log in to your AWS console, click https://console.aws.amazon.com/iam/home (open it in New tab).
7. Navigate to Roles in the IAM console and click Create Role.
8. Click Another AWS Account in the Create Role screen.
9. Copy Account ID from your Cloudnosys Dashboardand paste it in the Account ID field in your AWS console.
10. Navigate to your Cloudnosys tab and copy your External ID.
11. In options field, click on the first checkbox to Insert External ID.
Note: Do not refresh the cloudnosys tab at this point, because External ID changes every time the page is refreshed.
13. In the next screen that appears, click
14. A new tab would open with AWS Create Policy screen.
15. Now navigate to your Cloudnosys tab and select your desired policy out of the two given policies, by clicking on it.
Cloudnosys provides two types of Policies:
– Full Protection Policy (Full-Access) – Provides Remediation
– Security and Audit Policy (Read-Only) – Does not provide Remediation
16. After selecting your desired policy, click on the Copy button to copy the policy.
17. Paste this policy on the JSON editor of Create policy page.
18. Click on
19. In the Review Policy Page that appears, enter your Policy name, its description and click
20. Now navigate to your previous AWS tab where you were creating IAM Role, refresh it and search the policy you just created.
21. Attach that policy and click
22. Click button in the next screen.
23. This would successfully create your IAM Role and generate a Role ARN.
24. To get your Role ARN, navigate back to Roles in AWS console, locate your Role name, click on that and it would open up your role summary, displaying your Role ARN on the top.
25. Copy Role ARN from AWS console and paste it in the Role ARN field in Cloudnosys Dashboard.
27. Your Role would be successfully created.