AWS IAM

The AWS IAM connector for Elimity Insights fetches users, groups, roles and policies for an AWS account so you can keep in control of your environment. Follow the instructions below to set up the connector for your environment.

1. Creating a dedicated user in AWS

We recommend to create a dedicated AWS IAM user for the connector. This allows you to grant it a minimal amount of privileges:

1. Sign in to your AWS console and navigate to the IAM service by clicking on 'Services > Security, Identity & Compliance > IAM' in the top-left corner.

2. Visit the users page via the 'Access management > Users' item in the menu on the left-hand side.

3. Press the 'Add users' button in the top-right corner.

4. Provide a name for the new user, e.g. elimity-insights.

5. For the AWS access type, tick the checkbox next to 'Access key - Programmatic access'.

6. Click the 'Next - Permissions' button in the bottom-right corner.

7. Click the on the 'Attach existing policies directly' button, and search for the 'IAMReadOnlyAccess' policy.

8. Tick the checkbox in this table row and click on the 'Next - Tags' button in the bottom-right corner.

9. This connector does not use any tags, so you can skip ahead by clicking the 'Next - Review' button.

10. Review the configuration details and press the 'Create user' button.

Having reached the last step in AWS's user creation process, you can now note down the 'Access key ID' and 'Secret access key' values for later use.

2. Creating a source in Elimity Insights

In Elimity Insights you can now create a new AWS IAM source providing the following configuration options: