AWS

Brainboard allows you to connect to your AWS environments, whether you want to provision resources, import existing infrastructure or simply manage your architecture on a daily basis.

It supports 2 authentication methods described below:

  1. Assume role (recommended)

Configure access

To connect Brainboard to your AWS account:

  1. Go to the Cloud providers integration settings page.

  2. Click on Amazon Web Services

  3. Click on New connection

  4. This will open the new connection page where you have 2 options:

Assume role

When you click on the option Assume role Brainboard guides you in the connection process:

  1. In this page, click on Create role button, it will open your AWS account with pre-filled information

  2. In your AWS portal, review the configuration and click next

  3. Select the right permission to grant for this connection

  4. Give the role a name, review and click on create role at the bottom

  5. Copy the ARN of the role

  6. Add the ARN in Brainboard credentials creation page

  7. Brainboard checks if the connection can be established:

    1. If the connection is successful, you will have this message

    2. If it fails, you get an information about it

  8. Name the connection in Brainboard

    This name is used only within Brainboard, so it's a best practice to give an explicit name that allows you to identify which account is referring to.

Access key and secret

Brainboard allows you to add your access key, secret and session token if this is your preferred way to connect to your AWS environments:

You need to generate the the access key and secret from your AWS account first.

Generate AWS access key and secret
  1. Sign in to the AWS Management Console: Go to the AWS Management Console and sign in with your AWS account credentials.

  2. Navigate to the IAM Console: In the console, search for “IAM” and select the IAM console.

  3. Create a new user: In the IAM console, choose “Users” from the navigation pane. Click “Add user” to start creating a new user. Provide a name for the user and check the box to give it access to the AWS Management Console. If you prefer to give it programmatic access only, you can also do that.

  4. Set permissions (Optional): You can attach policies to the user to grant specific permissions.

  5. Create the access key: Go to the “Security credentials” tab of the user. Click “Create access key” under the “Access keys” section. The Access Key ID and Secret Access Key will be displayed.

  6. Save the keys: Save both the Access Key ID and Secret Access Key securely. You will not be able to retrieve the secret key again if you don’t save it at this point.

Set the scope

Once your credentials are added you can specify where exactly they will be used

This allows you to specify whether you want:

  1. Make the credentials the default to use within your organization: which means any architecture created in Brainboard will use these credentials if it doesn't have its own ones.

  2. Use in a specific project

  3. Use in a specific environment

  4. Use in a specific architecture

Last updated

Was this helpful?