This guide will walk you through the steps you needed to enable 3rd party, read-only access to your Amazon Web Services (AWS) account.
1.) Log in to your AWS account through the AWS management console.
2.) At the top of the page, click on Services then look for IAM:
3.) Click on the Roles link to the left, then click on the blue Create New Role button on the right:
4.) Provide a Role Name, for example "OpsClarity-Access". Then click on the "Next Step" button in the lower right corner.
5.) Click on Role for Cross-Account Access below to open up additional options:
6.) Click on the Select button for the "Allows IAM users from a 3rd party AWS account to access this account" option:
7.) In the following screen, copy over the OpsClarity AWS Account ID and OpsClarity External ID as taken from your installation page under step #2. Make sure to keep the Require Multi-Factor Authentication (MFA) option OFF. Click on the blue "Next Step" button in the bottom right corner.
8.) Choose read only access for this role:
9.) Clicking on to the next step will let you review the details of the role you created. Copy the Role ARN from the page back to the Installation page under step #3:
If you have any questions or comments about this article, feel free to contact us at firstname.lastname@example.org.