Configuring AWS - Role

Allow TotalCloud access to your AWS account using an IAM Role. After syncing, you can add the permissions required for each workflow as inline policies within the role.

You can configure your AWS account on TotalCloud using either a Role or a Key.

Using a Role

1. Go to the AWS Management Console, and choose IAM from the services.

2. On the left side, click Roles, and then select Create Role.

3. Select Another AWS Account under Type of Trusted Entity, and select Require external ID.

4. In the TotalCloud Adding AWS Account page, select Role.

  • Copy the External ID and Account Number, and enter them in the AWS Console

  • Do not select Require MFA

  • Click Next: Permissions

5. Do not select any managed policies from Attach permissions policies, as each workflow is given a custom policy. Click Next: Tags.

  • Adding tags is optional. Click Next: Review.

  • Enter TotalCloud in Role name, and then click Create role.

  • Click TotalCloud from the list of role names.

6. Copy the Role ARN from the console. On the TotalCloud set-up page, paste it under ARN, and enter an account name of your choice. Click Save.

7. You will get a confirmation that your details have been validated.
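The trust policy that steps 3 and 4 produce can be checked offline against the values shown on the TotalCloud page. This is an added example, not TotalCloud's own code; the account number and external ID are constructed placeholders, and `audit_trust_policy` is a hypothetical helper name.

```python
import json

# Constructed sample of the trust policy created in steps 3-4.
# Account number and external ID are placeholders, not real TotalCloud values.
SAMPLE_TRUST_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}
  }]
}
""")


def _as_list(value):
    """IAM accepts either a single string or a list in most fields."""
    return value if isinstance(value, list) else [value]


def audit_trust_policy(policy, expected_account, expected_external_id):
    """Return a list of findings; an empty list means the policy matches the steps."""
    findings = []
    allowed = (f"arn:aws:iam::{expected_account}:root", expected_account)
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in _as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        arns = [principal] if isinstance(principal, str) else _as_list(principal.get("AWS", []))
        for arn in arns:
            if arn not in allowed:
                findings.append(f"statement {i}: unexpected principal {arn}")
        cond = stmt.get("Condition", {})
        ext = cond.get("StringEquals", {}).get("sts:ExternalId")
        if ext is None:
            findings.append(f"statement {i}: no sts:ExternalId condition")
        elif _as_list(ext) != [expected_external_id]:
            findings.append(f"statement {i}: sts:ExternalId does not match")
        if "aws:MultiFactorAuthPresent" in cond.get("Bool", {}):
            findings.append(f"statement {i}: MFA condition present (step 4 says not to require MFA)")
    return findings
```

The policy document to feed in can be read with `aws iam get-role --role-name TotalCloud --query Role.AssumeRolePolicyDocument`.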

To ensure seamless AWS integration, give the iam:GetRole permission to your Role. Alternatively, add the following code as an Inline Policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "1580112979752",
      "Effect": "Allow",
      "Action": [
        "iam:getrole"
      ],
      "Resource": "*"
    }
  ]
}