This article details how to add a CloudFormation template which will grant ClearCloud Read Only & Billing access to your AWS account.
You may have been directed to this page by your account manager or pre-sales solution architect to enable ClearCloud to get a better understanding of your Existing AWS Environment.
Requirements
- You must have an existing AWS account. If you don't, you can stop reading here.
- You will need to have 'root' level access to your AWS account, this is typically the primary username and password used for managing your AWS account.
Resources
CloudFormation Template - https://clearcloudcfn.s3-eu-west-1.amazonaws.com/yml/clearcloudro.yml
Granting access (Creating the Stack)
Follow the below steps to apply the CloudFormation template and grant ClearCloud Read Only & Billing Access to your AWS account.
- Login to the AWS Console https://aws.amazon.com/console/
- Navigate to the service 'CloudFormation' as shown below.
- Click 'Create Stack', as shown below.
- Using the option 'Specify an Amazon S3 template URL' provide the CloudFormation Template URL from the Resources section of this article and click Next, as shown below.
- Enter a 'Stack name' e.g 'clearcloud-read-only-plus-billing-access', as shown below.
- On the options page, create a Tag so that the role resource can be identified easily at a later date such as the below then click 'Next', as shown below.
- On the Review Page tick the box 'I acknowledge that AWS CloudFormation might create IAM resources' and Click 'Create', as shown below.
- You should now see your stack in the status 'CREATE_IN_PROGRESS', as show below
- After a couple of minutes, the stack status should change to 'CREATE_COMPLETE', as shown below.
- Now the stack is created, simply tick the checkbox next to the stack name, select the 'Outputs' tab and capture the Role and Account ID Values. Once captured simply provide these values to the ClearCloud team, along with your company name.
- To share your billing data, you should also enable IAM users to view it by following the steps here: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html
Revoking access (Deleting the Stack)
Follow the below steps to Remove the CloudFormation Stack and revoke the ClearCloud Access.
- Login to the AWS Console https://aws.amazon.com/console/
- Navigate to the service 'CloudFormation' as shown below.
- Tick the checkbox of the ClearCloud Stack you want to delete, then clicking the 'Actions' menu click 'Delete Stack', as shown in the output below.
- At the Confirmation screen, click 'Yes, Delete', as shown in the output below.
- The Stack status will change to 'DELETE_IN_PROGRESS', as shown in the output below.
- After a couple of minutes the Stack will be deleted and the ClearCloud Read Only & Billing access is then revoked.
- You should finally revert access for IAM Users to your billing data, you can find a how-to here https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html