Add AWS Cloud Account

IAM Role

IAM roles are a secure way to grant permissions to entities that you trust. Examples of entities include the following:

– IAM user in another account.
– Application code running on an EC2 instance that needs to perform actions on AWS resources.
– An AWS service that needs to act on resources in your account to provide its features.
– Users from a corporate directory who use identity federation with SAML.

IAM roles issue keys that are valid for short durations, making them a more secure way to grant access.

Cloud Account Creation

1. Click on button on the screen or, alternatively, navigate to the Cloud Accounts dashboard and click button.

2. The Add Cloud Account screen appears.

3. Select Amazon Web Services in Select Provider Screen and click

4. The Select Region screen appears. Check your desired regions and click

Note: All regions are selected by default.

5. Enter a valid string in AWS Account Name field.

6. Log in to your AWS console and open https://console.aws.amazon.com/iam/home in a new tab.

7. Navigate to Roles in the IAM console and click Create Role.

8. Click Another AWS Account in the Create Role screen.

9. Copy the Account ID from your Cloudnosys Dashboard and paste it in the Account ID field in your AWS console.

10. Navigate to your Cloudnosys tab and copy your External ID.

11. In the options field, click on the first checkbox to insert the External ID.

Note: Do not refresh the Cloudnosys tab at this point, because the External ID changes every time the page is refreshed.

12. Click

13. In the next screen that appears, click

14. A new tab opens with the AWS Create Policy screen.

15. Now navigate to your Cloudnosys tab and select your desired policy out of the two given policies, by clicking on it.

Cloudnosys provides two types of Policies:

– Full Protection Policy (Full-Access) – Provides Remediation
– Security and Audit Policy (Read-Only) – Does not provide Remediation

16. After selecting your desired policy, click on the Copy button to copy the policy.

17. Paste this policy into the JSON editor on the Create Policy page.


18. Click on
19. In the Review Policy Page that appears, enter your Policy name, its description and click
20. Now navigate to your previous AWS tab where you were creating the IAM Role, refresh it and search for the policy you just created.
21. Attach that policy and click
22. Click button in the next screen.

23. This creates your IAM Role and generates a Role ARN.

24. To get your Role ARN, navigate back to Roles in the AWS console, locate your Role name and click on it. The role summary opens, displaying your Role ARN at the top.


25. Copy Role ARN from AWS console and paste it in the Role ARN field in Cloudnosys Dashboard.

26. Click

27. Your Role would be successfully created.
