Setting Up an IAM Role to TotalCloud
To set up an IAM role to TotalCloud, follow the below steps:
- Sign in to your Amazon Identity and Access Management (IAM) console.
- In the IAM pane, click Create Role
- Under Select type of trusted entity section, select Another AWS Account.
- Go to TotalCloud AWS Account Setup web page. Copy the Account Number as shown in the page below.
- Go back to your Amazon Web Services’ IAM management page, under the Specify accounts that can use this role section, paste the Account Number in Account ID.
- Select Require External ID from Options.
- Go to TotalCloud AWS Account Setup web page. Copy the External ID as shown in the page below.
- Go back to your Amazon Web Services’ IAM management page and paste the External ID.
- Do not select Require MFA option and click Next: Permissions.
- Do not select any Managed Policies from the list because each workflow will be assigned with a custom policy with right permissions. Selecting PowerUserAccess policy or any unwanted policies provides over permissions to totalcloud, which is not a good practice.
- Click Next: Tags.
- On the Tags page, make no changes and click Next:Review.
- Enter TotalCloud in Role name, and click Create Role.
- From the list, select the TotalCloud role from the role list.
- in the Summary section, copy the Role ARN value and paste it in ARN, on the totalcloud web setup page.
- On the totalcloud AWS account setup page, click Validate.
- Enter a Profile Name and a profile for AWS account is created.