Legacy - Connecting an AWS Linked account
DigiUsher supports the AWS Organizations service that allows linking several data sources in order to centrally manage data of multiple users while receiving all billing reports within a single invoice.
Selecting a AWS Linked tab will make the registration flow easier eliminating the option to input bucket information for billing purposes since this will be received through the root account, whose user will then be able to distribute periodic reports individually if intended by the company management. In this case, only Access Key and Secret Key are required.
If you only specify a AWS Linked account without providing credentials for the main one, DigiUsher will not be able to import any billing data.
Programmatic Access to the AWS cloud account must be enabled.
Use “Connect” to create a data source in DigiUsher. If some of the provided values are invalid, an error message will indicate a failure to connect.
Discover Resources
DigiUsher needs to have permissions configured in AWS for the user data source in order to correctly discover resources and display them under a respective section of the dashboard for the associated employee.
Make sure to include the following policy in order for DigiUsher to be able to parse EC2 resources data:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DigiUsherOperations",
"Effect": "Allow",
"Action": [
"s3:GetBucketPublicAccessBlock",
"s3:GetBucketPolicyStatus",
"s3:GetBucketTagging",
"iam:GetAccessKeyLastUsed",
"cloudwatch:GetMetricStatistics",
"s3:GetBucketAcl",
"ec2:Describe*",
"s3:ListAllMyBuckets",
"iam:ListUsers",
"s3:GetBucketLocation",
"iam:GetLoginProfile",
"cur:DescribeReportDefinitions",
"iam:ListAccessKeys"
],
"Resource": "*"
}
]
}
Your AWS data source account should now be ready for integration with DigiUsher! Please contact our Support Team at support@digiusher.com if you have any questions or face any issues.