Create AWS Cloud Account

Create an AWS Cloud Account for your Organisation.

To manage your Kubernetes clusters and integrate them with AWS services, you need to configure AWS credentials within our Console. Follow the steps below to set up your AWS IAM user with the necessary permissions.

Step 1: Navigate to AWS IAM

  1. Open a web browser and go to the AWS IAM console by clicking here.
  2. If prompted, sign in with your AWS account credentials.

Step 2: Create a New IAM User

  1. In the IAM console, click on “Users” in the navigation pane.
  2. Click the “Add user” button to create a new IAM user.
  3. Enter a name for the user in the “User name” field, such as “my-avisi-cloud-user”.
  4. Click the “Next: Permissions” button.
Rectangle

Step 3: Add Required Policies

To enable the necessary AWS permissions for managing Kubernetes, we need to attach two policies to the IAM user: EC2FullAccess and IAMFullAccess. These policies provide the required permissions to provision EC2 resources and manage IAM policies for Kubernetes integrations.

  1. In the “Set permissions” step, click on the “Attach existing policies directly” button.
  2. Search for “EC2FullAccess” in the policy search box and select it from the list.
  3. Search for “IAMFullAccess” and select it as well.
  4. Double-check the selected policies to ensure they match the following:
    • EC2FullAccess
    • IAMFullAccess
  5. Click the “Next: Tags” button (you may add tags if needed, but they are not required).
  6. Click the “Next: Review” button.
Rectangle

IAM Permissions


EC2FullAccess is required in order to provision AWS EC2 resources, such as:

  • VPC
  • Subnets
  • EC2 Instances
  • Loadbalancers
  • NAT Gateways

IAMFullAccess is required for:

  • Provisioning IAM Policies, attached to EC2 Instances
  • Creating new IAM user for Kubernetes integrations, such as Load Balancer Controllers, Storage integrations (CSI / Container Storage) and cloud-controller-manager (https://kubernetes.io/docs/concepts/architecture/cloud-controller/).

Step 4: Review and Create the IAM User

  1. Review the information provided for the IAM user to ensure it is correct.
  2. If everything looks good, click the “Create user” button.

Step 5: Retrieve AWS Access Key and Secret Key

Create IAM Access Keys

Navigate to the newly created IAM user, and under the security credentials tab select “Create Access key”.

Rectangle

Create the new Access Key by selecting the “Other” type.

Rectangle

Press next, this will present you with a screen to enter a descriptive name for the new access key.

Rectangle

After this, you are presented with the Access Keys (Access Key in screenshot is for demo purposes):

Rectangle

Create Cloud Account in the Console

Now we can create a cloud account within the Console. In the side bar in the Console, select Cloud Account. Next select add Cloud Account.

Rectangle

Fill in the name of your account. This is a short descriptive name used to identify the account later on, during cluster creation. You can create multiple cloud accounts for the same Cloud Provider.

Once this is created you are presented with the cloud account details screen. You can now configure the credentials we just created in AWS.

Copy Access Key Credentials

Copy the Access Key credentials to the Avisi Cloud Console.

  • The Access Key needs to be pasted into the Access Key ID field the Avisi Cloud Console
  • The Secret Access Key needs to be pasted into the Access Key Secret field in the Avisi Cloud Console
  • Enter a descriptive name. We recommend the same name as you used for creating the access key in AWS.
Rectangle

After pressing create AWS Credentials, you can now use this AWS account within the Avisi Cloud Console.