AWS Account
To authenticate with your AWS account, you will need to grant AutoCloud read-only access to your resources.
- Go to Cloud Accounts
- Select "Add New" on top right corner
- Choose AWS as a provider.
- Name your account and add a description, this will be the "Display Information"
- Click Next
6. For AutoCloud to access you will need to generate a cross-account read-only role. It's the simplest and most secure way of authenticating with your AWS account. This role will need the AWS owned "ReadOnlyAccess" permissions only. You may use Terraform (Option 1) or Cloudformation (Option 2) to generate the Role ARN.
Follow the next steps to to generate a Role ARN using Terraform:
- Get your AutoCloud organization ID from the modal.
- Get the Provision Instructions, copy and paste into your Terraform configuration.
- The following assets will be created:
- aws_iam_role - The AWS IAM cross-account role
- aws_iam_role_policy_attachment - Several AWS IAM policy role attachments linking the cross-account role to the specific permissions allotted
- Copy the role ARN.
- Click Cloudformation
- In AWS Console you must confirm the creation of the Cloudformation stack. This will create a read-only access role, named "AutocloudReadOnly".
3. Wait for the CloudFormation stack to finish. This should take no more than a couple of minutes.
4. Copy the new role ARN from CloudFormation stack outputs.
5. Copy the role ARN.
- Enter the Role ARN to give AutoCloud read-only access. The credentials will be saved and you will be authenticated.
2. You may select a few Scanning Options like the regions you would like to crawl and the time of the snapshots (this will be daily).
3. Your account was onboarded and it's now being scanned!
