Enable AWS 3rd party, read-only account access

This guide will walk you through the steps you needed to enable 3rd party, read-only access to your Amazon Web Services (AWS) account.

1.)  Log in to your AWS account through the AWS management console.

2.)  At the top of the page, click on Services then look for IAM:


3.)  Click on the Roles link to the left, then click on the blue Create New Role button on the right:


4.)  Provide a Role Name, for example "OpsClarity-Access".  Then click on the "Next Step" button in the lower right corner.

5.)  Click on Role for Cross-Account Access below to open up additional options:


6.)  Click on the Select button for the "Allows IAM users from a 3rd party AWS account to access this account" option:


7.)  In the following screen, copy over the OpsClarity AWS Account ID and OpsClarity External ID as taken from your installation page under step #2.  Make sure to keep the Require Multi-Factor Authentication (MFA) option OFF.  Click on the blue "Next Step" button in the bottom right corner.

8.)  Choose read only access for this role:


 9.)  Clicking on to the next step will let you review the details of the role you created.  Copy the Role ARN from the page back to the Installation page under step #3:


10.)  On that installation page click on "OK" to finish the process.  More instructions regarding that installation page can be found here.


If you have any questions or comments about this article, feel free to contact us at support@opsclarity.com.

2016.2.4 0.8.111

Have more questions? Submit a request


Please sign in to leave a comment.