Copy AWS Role ARN to Your CloudCheckr Account


After you have created and attached a secondary policy to your cross-account role, you need to copy an AWS Role ARN to your CloudCheckr account.


  1. From the dashboard, click Roles.
  2. How Do I Access the IAM Dashboard?

    1. Login to the AWS Management Console.
    2. The AWS services page opens.

    3. Scroll down to the Security, Identity & Compliance section and select IAM.
    4. The Welcome to Identity and Access Management screen displays.

    The Roles page opens.

  3. In the Search text field, type the name of the new cross-account access role to filter the list.
  4. Click the name of the new cross-account role from the list.
  5. The Summary page opens. Notice the Role ARN value at the top of the page.

    ARN values use this format: arn:aws:iam::YourAccountIDHere:role/CloudCheckrRole.

    For the purposes of this procedure, we have masked the true ARN value.

  6. Click the Copy icon next to the Role ARN.
  7. Launch CloudCheckr.
  8. Select an account from the list.
  9. From the left navigation pane, select Account Settings > AWS Credentials.
  10. The Edit AWS Credentials page opens. The Use a Role for Cross-Account Access tab displays by default.

  11. In the AWS Role ARN text field, paste the role ARN value you copied from AWS.
  12. Click Update.
  13. Cloudcheckr will begin populating your account with data. Depending on the size of your AWS account, this can take a few hours or more.

    Note: You can access specific permissions to allow CloudCheckr’s Automation features to work here. You can add these permissions as another policy to your cross-account access role.

See Also:
Preparing Your AWS Account