To run Illuminate 360 discovery in your AWS environment, you must onboard an AWS account in Illuminate 360. This requires AWS IAM user credentials (access key ID and secret access key) for a user that has the AWS-managed ReadOnlyAccess policy attached.
ReadOnlyAccess is an AWS-managed policy that provides read-only access to AWS services and resources. You can refer to the AWS documentation for details.
Steps to create a Service Account for AWS Account Illuminate 360 Onboarding:
- Create a user in AWS.
- Attach the AWS Managed ReadOnlyAccess policy to the User directly or via a group.
- Create the access key & download the .csv file.
Create an AWS User:
Go to AWS IAM’s User module and click on the ‘Create User’ button:
Specify the User details and click ‘Next’
NOTE: There is no need to ‘Provide user access to the AWS Management Console’.
Attach the AWS Managed ReadOnlyAccess policy to the User (directly or via a group):
NOTE: To filter the policies, you can use ‘AWS managed - job function’ as a filter.
Confirm, add Tag(s) (optional), and create the user.
Create the access key & download the .csv file:
Once the User is created, open the User details. Go to the ‘Security Credential’ tab and ‘Create an access key’.
Specify the description tag.
Retrieve the access key to be used in Illuminate 360.
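The same three steps can be scripted with the AWS CLI. The script below is an added example, not part of the Illuminate 360 documentation. It assumes the AWS CLI is already configured with credentials allowed to manage IAM, that the policy is attached directly to the user rather than via a group, and that the user name passed in is your own choice.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the console steps above, plus a check.
# The user name is chosen by the caller; Illuminate 360 does not mandate one.
READONLY_ARN="arn:aws:iam::aws:policy/ReadOnlyAccess"

# Create the user without a console password, attach ReadOnlyAccess directly,
# and write the new access key to a file only the current OS user can read.
create_discovery_user() {
    local user="$1" keyfile="$2"
    aws iam create-user --user-name "$user" >/dev/null || return 1
    aws iam attach-user-policy --user-name "$user" \
        --policy-arn "$READONLY_ARN" || return 1
    ( umask 077
      aws iam create-access-key --user-name "$user" \
          --query 'AccessKey.[AccessKeyId,SecretAccessKey]' \
          --output text > "$keyfile" ) || return 1
}

# Confirm the user carries only ReadOnlyAccess: exactly one attached policy,
# no inline policies, and no console login profile.
verify_discovery_user() {
    local user="$1" attached inline
    attached=$(aws iam list-attached-user-policies --user-name "$user" \
        --query 'AttachedPolicies[].PolicyArn' --output text) || return 1
    inline=$(aws iam list-user-policies --user-name "$user" \
        --query 'PolicyNames' --output text) || return 1
    [ "$attached" = "$READONLY_ARN" ] || {
        echo "unexpected attached policies: $attached" >&2; return 2; }
    [ -z "$inline" ] || { echo "inline policies present: $inline" >&2; return 3; }
    # get-login-profile succeeds only if a console password exists.
    if aws iam get-login-profile --user-name "$user" >/dev/null 2>&1; then
        echo "console password is set" >&2; return 4
    fi
    return 0
}

# Runs only when a user name is given on the command line.
if [ -n "${1:-}" ]; then
    create_discovery_user "$1" "./$1-accesskey.txt" && verify_discovery_user "$1"
fi
```

The key file holds a long-lived secret: delete it once the access key ID and secret access key have been entered in Illuminate 360.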