...

  1. Click Roles in the left-hand menu, then click the Create role button to create a new IAM Role.

  2. Under Select type of trusted entity, select Another AWS account and enter Zilla's 12-digit Account ID (087210011007). Under Options, select the ‘Require external ID’ checkbox and enter your tenant’s domain name in the External ID field. Click Next: Permissions.

  3. On the permissions page, search for the policy SecurityAudit and select its checkbox. Click Next: Tags.

  4. Optionally add tags and click Next: Review.

  5. On the review page, enter the role name Zilla-IAM-Reader-Role and optionally add a description. Verify that the trusted entity account ID matches Zilla’s Account ID (087210011007) and that the Policies section contains SecurityAudit. Click Create role.

  6. Once the role is created, you can search for it on the Roles tab and click on the role to check its details.

  7. On the role details page, open Trust relationships and double-check that Trusted entities lists the Zilla Account ID (087210011007) and that the ExternalId condition is set to your domain name.
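The check in step 7 can also be done programmatically. The following is an added example, not part of the original Zilla documentation: it inspects a trust policy document and reports anything other than the Zilla account as trusted principal or a missing or mismatched ExternalId. The function names and the sample policy with the placeholder domain `tenant.example.com` are assumptions made for illustration.

```python
import json

ZILLA_ACCOUNT_ID = "087210011007"  # Zilla's account ID, from step 2

# Constructed sample of the trust policy that steps 2-5 produce;
# "tenant.example.com" is a placeholder for your tenant's domain name.
SAMPLE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::087210011007:root"},
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"sts:ExternalId": "tenant.example.com"}},
    }],
})

def as_list(value):
    """IAM policy fields may hold a single value or a list of values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def account_of(principal):
    """Account ID from a bare 12-digit ID or an arn:aws:iam::<id>:... ARN."""
    parts = principal.split(":")
    return parts[4] if len(parts) >= 5 and parts[0] == "arn" else principal

def check_trust_policy(policy_json, tenant_domain):
    """Return findings; an empty list means the policy matches step 7."""
    findings = []
    statements = as_list(json.loads(policy_json).get("Statement"))
    allows = [s for s in statements if s.get("Effect") == "Allow"]
    if not allows:
        findings.append("no Allow statement in trust policy")
    for stmt in allows:
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            if set(principal) - {"AWS"}:
                findings.append("non-account principal type present")
            principal = principal.get("AWS")
        trusted = as_list(principal)
        for p in trusted or ["<none>"]:
            if account_of(p) != ZILLA_ACCOUNT_ID:
                findings.append(f"unexpected trusted principal: {p}")
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        ext = as_list({k.lower(): v for k, v in equals.items()}.get("sts:externalid"))
        if ext != [tenant_domain]:
            findings.append(f"ExternalId condition is {ext}, expected [{tenant_domain!r}]")
    return findings
```

Pass it the JSON shown on the role's Trust relationships tab together with your tenant's domain name; any returned finding means the role should be corrected before the Role ARN is handed to Zilla.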

Notes:

  1. Copy the Role ARN, for example arn:aws:iam::<YOUR_AWS_ACCOUNT_ID>:role/Zilla-IAM-Reader-Role, and keep it handy for later.

  2. IAM Users and Groups are typically created separately in each AWS Account, so you will need to create the above role and policy in each of your AWS Accounts.

  3. Currently, the IAM Role and Policy creation to bring in IAM Users and Groups is mandatory in Zilla.

...