Configuring AWS Organizations

AWS Organizations lets you access multiple accounts seamlessly and centrally manage governance, security and billing.

Syncing an Organization to TotalCloud is a simple process that requires access to only the Master Account.

1. Create an IAM User in the Master Account of the Organization, and enable Programmatic access. Click 'Next: Permissions'.

2. Attach an existing policy, and choose ReadOnlyAccess and CrossAccountAssumeRole.

3. Adding a tag is optional. Create the User. Copy the Access key ID and Secret access key.

4. Log in to TotalCloud, and go to Accounts --> AWS --> Organization. Add a new account, and enter a name for it. Paste the Access key ID and Secret access key from AWS. Enter a name for the Organization. Click Validate.

5. This will list the Member accounts of the Organization. Ensure that each of the Member Accounts has a Role which provides Admin Access to the Master Account. Paste the ARN for that role in the name next to each account.

In case you get an error for a Member account:

  • Ensure that the name does not have any Dots or Spaces.

  • Ensure that the ARN entered is that of the Role which provides the Master account access to the Member account.

You can also edit the names and remove any member account from the list.

6. Click Save. This will show the synced Organization.
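The two troubleshooting checks from step 5 can be run over the member rows before saving. The script below is an added example, not TotalCloud or AWS code; the account IDs and the role name `TotalCloudAccess` are constructed placeholders, and it assumes the role lives in the member account so that its ARN carries that account's ID.

```python
import re

# IAM role ARN: arn:<partition>:iam::<12-digit account ID>:role/[path/]<role name>
ROLE_ARN_RE = re.compile(
    r"arn:(?:aws|aws-cn|aws-us-gov):iam::(?P<account>\d{12}):role/"
    r"(?:[\x21-\x7e]+/)?[\w+=,.@-]{1,64}",
    re.ASCII,
)

# Constructed sample rows; account IDs and the role name are placeholders.
SAMPLE_ROWS = [
    ("prod-payments", "111111111111", "arn:aws:iam::111111111111:role/TotalCloudAccess"),
    ("dev.sandbox", "222222222222", "arn:aws:iam::222222222222:role/TotalCloudAccess"),
    ("staging", "333333333333", "arn:aws:iam::999999999999:role/TotalCloudAccess"),
    ("data lake", "444444444444", "arn:aws:iam::444444444444:user/sync"),
]


def check_member(name, account_id, role_arn):
    """Return the problems found for one member-account row ([] means OK)."""
    problems = []
    # Troubleshooting rule 1: the name must not contain dots or spaces.
    if "." in name or " " in name:
        problems.append("name contains a dot or space")
    # Troubleshooting rule 2: the ARN must be a role, and the role must live
    # in the member account, so the ARN carries the member's account ID.
    match = ROLE_ARN_RE.fullmatch(role_arn.strip())
    if match is None:
        problems.append("not an IAM role ARN")
    elif match.group("account") != account_id:
        problems.append("role is in account " + match.group("account"))
    return problems


def check_all(rows):
    """Map the name of each failing row to its list of problems."""
    report = {}
    for name, account_id, role_arn in rows:
        problems = check_member(name, account_id, role_arn)
        if problems:
            report[name] = problems
    return report


if __name__ == "__main__":
    for name, problems in check_all(SAMPLE_ROWS).items():
        print(name + ": " + "; ".join(problems))
```

A row flagged as being in a different account usually means the ARN of a role in the Master Account was pasted instead of the member's own role.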