# 1. Setting up your first Cloud Service target account

AWS API calls are notoriously hard to read, understand and use.  Our goal is to help users connect and execute individual API calls as a node in Fylamynt workflows. More on this later when we create our first workflow.&#x20;

## Configure AWS in Fylamynt

After successfully [signing up](https://app.fylamynt.com/sign-up) for a Fylamynt account, the first onboarding step is to add your AWS account.  Click on **Connect AWS Account**

![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FXwYg9AxObNSbvsZPMR1N%2Fimage.png?alt=media\&token=b065463a-b693-4b53-970a-670052cbf10c)

If you decide to connect your AWS later, follow these steps:

* Navigate to **Settings** > Integrations > **Cloud Services**&#x20;
* ![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FQEecfooJ5E5ngh29NCkn%2Fimage.png?alt=media\&token=f2314ed5-60e4-47c0-bcb6-0f3cd40f1704)
* Click **"Add AWS Account"** to configure Fylamynt integration with your AWS account.
* ![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FTmEOSTarKsJu2h1sBBx0%2Fimage.png?alt=media\&token=cc6f0131-89ac-4e76-a849-6dee325bbf6a)

On the [**Add AWS Target Account**](https://app.fylamynt.com/settings/get-started) page, we provide multiple options to configure the IAM role with AssumeRole permission. Additional information is also available on the[ AWS integration page](https://docs.fylamynt.com/integrations/aws). The easiest method however is to use our provided CloudFormation template which will automatically open the users AWS console and Cloudformation stack with our template pre-loaded.&#x20;

**Configuration steps for CloudFormation template:**

* Login to your AWS account
* Select the CloudFormation Template here.&#x20;
  * CloudFormation Stack should open with the pre-loaded template&#x20;

![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FyxqlDof3DmrRA9LMchAn%2Fimage.png?alt=media\&token=2746016f-8d9d-4d5f-87b5-a27abe1fbeb5)

* Under Parameters, provide the information for each of the following:
* Fylamynt Account ID
  * On the **Add AWS Target Account setting** page, copy the Fylamaynt Account ID and paste it here.  *This is the AWS account ID that hosts the Fylamynt application, and you are granting that account access to your AWS target account.*
* Fylamynt External ID
  * On the **Add AWS Target Account setting** page, copy the Fylamaynt External ID and paste it here.&#x20;
* AWS Policy ARN
  * If you already have a policy, copy/paste the ARN. Otherwise, the Fylamynt team can help you create a policy that suits your needs.&#x20;
  * For non-critical test accounts, the **PowerUserAccess** managed policy is set by default. This will unlock the full functionality of the Fylamynt platform.
* Check the box to acknowledge that AWS CloudFormation might create IAM resources
* Click **Create stack**
* Monitor the stack status and verify successful completion with status "CREATE\_COMPLETE"
* ![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FUU0QwZhyI12R8X4ZKYg7%2Fimage.png?alt=media\&token=13c4d3d5-2c5b-46bd-9677-6153fe69f217)
* Select the Outputs tab and copy the AssumeRoleARN value
* ![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FLLnBowZ3pWUUpMdejmRo%2Fimage.png?alt=media\&token=ca574b9c-4465-4c24-9c04-9dc23a544e63)
* On the **Add AWS Target Account setting** page, paste the value into the **AssumeRole ARN** text field
* Enter an AWS Account Alias name
* Select the preferred region
* Click **Add Target Account**
* The newly added account should display on the **AWS Target Accounts** page
* ![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2Fk6BOvAkz3oDqGDySnhkg%2Fimage.png?alt=media\&token=682c3dee-4194-427b-bf4d-5b4588746a0f)

Video walkthrough of the steps provided:

![](https://2168485084-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MXYvxfYq9m2JdKqaCdk%2Fuploads%2FFGo2E3eqqxx6mJRJiTE2%2FOnboarding-Add-AWS-Account.gif?alt=media\&token=d00c8e72-026f-4fd5-a39e-c592d72b6ff5)

With a target AWS Account added, let's see what functionality this provides by creating your first workflow.