Creating a Cloud Account
To create a new cloud account or access a cloud account in CoPilot:
-
Go to Cloud Resources > Cloud Accounts.
-
Click Onboard Cloud Account.
-
Enter the parameter values:
Parameter Description Account Name
Enter the name of the cloud account.
Cloud Account
Select the Cloud Service Provider (CSP) for this account.
-
Select the parameters specific to the Cloud Account you are using.
See the sections below for connecting cloud accounts.
-
Click Save.
The new cloud account appears in the table.
After an account is created you can you can audit the account from either the Actions menu or the vertical ellipses menu.
You can also update the IAM Policy for any AWS cloud account from the Actions menu. If you select non-AWS cloud accounts when updating policies, the non-AWS accounts are skipped during the update process. Also, the current version of the IAM policy is saved by AWS. Up to 5 (latest) non-default policy versions are retained.
To edit a cloud account, click the Edit icon in the row of the cloud account. You can edit all fields except for Account Name and Cloud Type.
AWS Cloud Account
When you select AWS as the cloud for this account, you can click the dropdown menu on the icon to select Standard, China, or GovCloud.
Parameter | Description |
---|---|
IAM Role-Based |
If this account is based on an IAM Role (recommended), ensure this toggle switch is set to On (the default setting). |
Launch the CloudFormation script to establish the trust with your primary access account. (Skip if you have already run the script). |
Select this link to run the CloudFormation script in AWS if you have not already done so. Then, return to this page and continue. |
AWS Account Number |
Enter the 12-digit account number from your AWS account. |
AWS App Role ARN |
(Optional) Enter the AWS App Role ARN for aviatrix-platform-app from IAM > Roles in the AWS console. ARN values are only required if you are creating an access account that is separate from the one from which you deployed the Controller. |
AWS EC2 Role ARN |
(Optional) Enter the EC2 Role ARN for aviatrix-role-ec2 from IAM > Roles in the AWS console. |
Add to RBAC Groups |
(Optional) Click on this dropdown menu and select the RBAC (Role Based Access Control) groups that should be able to access this account. |
I have run the CloudFormation script to set up this secondary access account |
If you have already run the CloudFormation script to create the primary account in AWS, select this checkbox. |
Azure Cloud Account
Note that when you select Azure as the cloud for this account, you can click on the dropdown menu on the icon to select Global, China, or GovCloud.
Parameter | Description |
---|---|
ARM Subscription ID |
Enter the Azure ARM Subscription ID from your Azure account. |
Directory ID |
Enter the Directory ID from your Azure account. |
Application ID |
Enter the Application ID from your Azure account. |
Application Key |
Enter the Secret Key Value saved from your Azure account. |
Add to RBAC Groups |
(Optional) Click on this dropdown menu and select the RBAC (Role Based Access Control) groups who should be able to access this account. |
GCP Cloud Account
Parameter | Description |
---|---|
GCP Project ID |
Enter the Project ID from your Google Cloud Platform (GCP) account. |
GCP Project Credentials |
Click Upload to upload your GCP Project Credentials here. |
Add to RBAC Groups |
(Optional) Click on this dropdown menu and select the RBAC (Role Based Access Control) groups who should be able to access this account. |
OCI Cloud Account
Parameter | Description |
---|---|
OCI Tenancy ID |
Enter the Tenancy ID from your OCI account. |
OCI User ID |
Enter the OCI user ID for the user who should be able to access this account through CoPilot. |
OCI API Private Key File |
Click Upload to upload the private key file you downloaded from your OCI account. |
Add to RBAC Groups |
(Optional) Click on this dropdown menu and select the RBAC (Role Based Access Control) groups who should be able to access this account. |
Alibaba Cloud Account
Parameter | Description |
---|---|
Alibaba Account ID |
Enter your Alibaba Account ID. |
Access Key |
Enter the Access Key from your Alibaba account. |
Secret Access Key |
Enter the Secret Access Key from your Alibaba account. |
Add to RBAC Groups |
(Optional) Click on this dropdown menu and select the RBAC (Role Based Access Control) groups who should be able to access this account. |