
This page outlines the steps to enable AWS integration with Zilla. It follows the AWS tutorial "Delegate access across AWS accounts using IAM roles" as a guide for delegating access to your AWS account to Zilla’s AWS account using AWS IAM roles.


Bring in IAM Users and Groups into Zilla

...

  1. Log in to the AWS Account via the AWS Management Console.

    Enter your 12-digit account number. Click Next and then enter your username and password to log in.

  2. Once you are logged in, you will land on the home page with a search bar at the top.

     

  3. In the search bar, search for IAM and click on the search result called IAM.

     

  4. You will be redirected to the IAM dashboard.

     

  5. Before creating a role, we will first create a policy that will be assigned to the role. Click Policies on the left-hand side menu.

  6. Click Create policy and then click on the JSON tab.

  7. IAM Policy Creation: Enter the following JSON snippet and click Next: Tags. Replace <YOUR_AWS_ACCOUNT_ID> with your 12-digit AWS Account ID. The following policy allows Zilla to read the IAM Users and Groups information from your AWS account.

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": "iam:GetGroup",
                "Resource": "arn:aws:iam::<YOUR_AWS_ACCOUNT_ID>:group/*"
            },
            {
                "Sid": "VisualEditor1",
                "Effect": "Allow",
                "Action": "iam:GetAccountAuthorizationDetails",
                "Resource": "*"
            }
        ]
    }

     

     

  8. Optionally add tags and click Next: Review.

  9. Review Policy: On the review page, enter the Name (Zilla-IAM-Reader-Policy) and optionally a description for the policy. Review the permissions assigned to the policy and then click Create policy. The policy will look like this:

     

  10. You will see a success message that the policy has been created.

     

  11. To confirm that the policy is present, you can search for it in the policy search bar. You will see your newly added policy in the list.

     

  12. Click on the policy Zilla-IAM-Reader-Policy to double-check the assigned permissions. The policy will look like this:

    Click on the {} JSON tab to double-check the policy JSON. (Account ID redacted from screenshot)
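
The double-check in step 12 can also be done programmatically on the JSON copied from the {} JSON tab. The following Python sketch is an added example, not part of the original page or Zilla's own tooling; the function name `audit_policy` and the account ID 123456789012 are assumptions made for illustration.

```python
import json
import re

# The two read-only actions the page's Zilla-IAM-Reader-Policy grants.
EXPECTED_ACTIONS = {"iam:getgroup", "iam:getaccountauthorizationdetails"}
GROUP_ARN = re.compile(r"^arn:aws:iam::\d{12}:group/\*$")

def as_list(value):
    """IAM accepts either a string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)

def audit_policy(policy_json):
    """Return findings; an empty list means the policy matches the page."""
    findings = []
    # Upper-casing also catches the placeholder if it was pasted in mixed case.
    if "<YOUR_AWS_ACCOUNT_ID>" in policy_json.upper():
        findings.append("account ID placeholder was not replaced")
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    granted = set()
    for stmt in statements:
        sid = stmt.get("Sid", "<no Sid>")
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: NotAction/NotResource widens the grant")
        # IAM action names are case-insensitive, so compare in lower case.
        actions = {a.lower() for a in as_list(stmt.get("Action", []))}
        granted |= actions
        for action in sorted(actions - EXPECTED_ACTIONS):
            findings.append(f"{sid}: unexpected action {action}")
        if "iam:getgroup" in actions:
            for res in as_list(stmt.get("Resource", [])):
                if not GROUP_ARN.match(res):
                    findings.append(f"{sid}: iam:GetGroup resource {res} "
                                    "is not a 12-digit-account group ARN")
    for action in sorted(EXPECTED_ACTIONS - granted):
        findings.append(f"missing expected action {action}")
    return findings

# Constructed sample: the page's policy with a made-up account ID filled in.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "VisualEditor0", "Effect": "Allow", "Action": "iam:GetGroup",
     "Resource": "arn:aws:iam::123456789012:group/*"},
    {"Sid": "VisualEditor1", "Effect": "Allow",
     "Action": "iam:GetAccountAuthorizationDetails", "Resource": "*"}]})

if __name__ == "__main__":
    print(audit_policy(SAMPLE_POLICY) or "policy matches the documented grants")
```
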

     

...