1. Setting up your first Cloud Service target account
To start using Fylamynt, you will need to connect your AWS Accounts. Fylamynt uses an IAM role with assume role permissions. Using policies allows for custom access to only the necessary services.
AWS API calls are notoriously hard to read, understand and use. Our goal is to help users connect and execute individual API calls as a node in Fylamynt workflows. More on this later when we create our first workflow.
If you decide to connect your AWS later, follow these steps:
- Navigate to Settings > Integrations > Cloud Services
- Click "Add AWS Account" to configure Fylamynt integration with your AWS account.
On the Add AWS Target Account page, we provide multiple options to configure the IAM role with AssumeRole permission. Additional information is also available on the AWS integration page. The easiest method however is to use our provided CloudFormation template which will automatically open the users AWS console and Cloudformation stack with our template pre-loaded.
Configuration steps for CloudFormation template:
- Login to your AWS account
- Select the CloudFormation Template here.
- CloudFormation Stack should open with the pre-loaded template
- Under Parameters, provide the information for each of the following:
- Fylamynt Account ID
- On the Add AWS Target Account setting page, copy the Fylamaynt Account ID and paste it here. This is the AWS account ID that hosts the Fylamynt application, and you are granting that account access to your AWS target account.
- Fylamynt External ID
- On the Add AWS Target Account setting page, copy the Fylamaynt External ID and paste it here.
- AWS Policy ARN
- If you already have a policy, copy/paste the ARN. Otherwise, the Fylamynt team can help you create a policy that suits your needs.
- For non-critical test accounts, the PowerUserAccess managed policy is set by default. This will unlock the full functionality of the Fylamynt platform.
- Check the box to acknowledge that AWS CloudFormation might create IAM resources
- Click Create stack
- Monitor the stack status and verify successful completion with status "CREATE_COMPLETE"
- Select the Outputs tab and copy the AssumeRoleARN value
- On the Add AWS Target Account setting page, paste the value into the AssumeRole ARN text field
- Enter an AWS Account Alias name
- Select the preferred region
- Click Add Target Account
- The newly added account should display on the AWS Target Accounts page
Video walkthrough of the steps provided:
With a target AWS Account added, let's see what functionality this provides by creating your first workflow.