When you create a new account in CloudCheckr, you must enter in your cloud provider credentials to ensure CloudCheckr can ingest your data.
This procedure shows you how to use CloudFormation to create an IAM role that will streamline the AWS credential creation process and ensure your AWS permissions always stay up-to-date.
- Log into your AWS Management Console.
- Launch the Cloudcheckr application.
- From the left navigation pane in Cloudcheckr, select Account Settings > AWS Credentials.
The Use a Role for Cross-Account Access tab displays by default.
- Copy the external ID.
- Click the Launch CloudFormation Stack link.
The AWS Management Console opens and displays the Select Template screen in the Create stack wizard.
Under the Specify an Amazon S3 template URL, a link to the related template is provided.
- Click Next.
The Specify Details screen opens.
- In the ExternalID text field in the Parameters section, paste the external ID that you copied from Cloudcheckr, and click Next.
The Options screen opens.
- Modify the fields depending on your needs, and click Next.
The Review screen opens.
- Select the I Acknowledge that AWS CloudFormation might create IAM resources check box and click Create.
- When the stack creation is complete, select the check box next to cloudcheckr-iam-stack, go to the Resources tab, and click IAM Role’s Physical ID.
- Copy the Role ARN value and return to CloudCheckr.
- In the AWS Role ARN text field, past the Role ARN value and click Update.
Your account will now be populated with proper AWS credentials that Cloudcheckr will continue to update with new permissions whenever new features are released.