Skip to main content

How can we help you?

Druva Documentation

Create an AWS Access Role

Overview

This article provides an overview on linking your AWS account to Druva CloudRanger via an AWS access role. Druva CloudRanger offers an out-of-the-box Quick Setup approach to configure access to your AWS account. The CloudFormation stack allows you to provision the access role for your AWS environment.

Before you begin

Make sure that you are logged into the AWS account for which you wish to configure the Access Role.

Create AWS access role

The following steps describe how to create an IAM access role to grant CloudRanger access to your AWS account.

  1. Log in with your CloudRanger credentials into  https://cloudranger.druva com/.

    1_Add.png
     
  2. Click Add New Account.

    1_Add3.png
     
  3. Copy or download the CloudFormation template to manually create the stack and provision the access role for your AWS environment.
  4. Click Launch AWS Console to be automatically directed to the CloudFormation section of your AWS account.
    The details are pre-populated in the required sections.

    Stack1.png

  5. Select the I acknowledge that AWS CloudFormation might create IAM resources with custom names check box, and then click Create Stack to generate the CloudFormation stack.
  6. Refresh the stack until the Status reads CREATE_COMPLETE.

    Stack2.png

CloudRanger then initiates a Sync with AWS to synchronize with your AWS environment.  Once the synchronization is complete, all resources are highlighted with a green checkmark. This validates that your resources on CloudRanger are now synchronized with your AWS account.

Add new AWS accounts

You can add multiple AWS Accounts and manage them all from your integrated CloudRanger console.

  1. Log into your Druva CloudRanger console and navigate to the Organization in which you wish to add a new account(s).

    2_Add Acc1.png
     
  2. Click Add New Account on the top right.
  3. Follow the same process as when creating your initial AWS Access Role.
Note: You will need to generate a new CloudFormation stack for each AWS Account that you wish to manage on Druva CloudRanger.

Once the AWS account access is setup, the Last Access Status displays the appropriate status:

  • Latest: Indicates that the AWS access role is up to date.
  • Update: Indicates that the AWS access role needs to be updated. Click the link to update the CloudFormation template on your AWS console. For more information, see Update Existing AWS Access Roles.
 
Note: To verify the access status with your AWS environment, select an Account and then click Verify AWS account access.

Configure Multiple AWS Accounts

Multi-account onboarding allows you to configure multiple AWS accounts simultaneously on Druva CloudRanger.

To add multiple AWS accounts:

  1. Log into your Druva CloudRanger console and navigate to the Organization in which you wish to add new accounts.

    2_Add Acc1.png
     
  2. Click Add New Account on the top right.
  3. Copy or download the CloudFormation template to manually create the stack and provision the access role for your AWS environment.
  4. Click Launch AWS Console to be automatically directed to the CloudFormation section of your AWS account.

    3_MultiAc1.png
     
  5. Click StackSets on the left navigation menu and then click Create StackSet.

    3_MultiAc2.png
    Note: The Stack Names must be unique if you wish to link more than one CloudRanger account to the same AWS account.
  6. Select the Upload a template file option if you have downloaded the CloudFormation template in the previous step.
    Alternatively, you may copy the CloudFormation URL and paste this into Amazon S3 template URL
  7. Click Next.

    3_MultiAc3.png
     
  8. Specify the AWS Account numbers to be configured with Druva CloudRanger via the CloudFormation StackSet.
    Alternatively, you may upload a .csv file with the account numbers listed.
  9. Select the I acknowledge that AWS CloudFormation might create IAM resources with custom names check box, and then click Submit to generate the CloudFormation StackSet.
  10. Refresh the StackSet until the Status reads CREATE_COMPLETE.

Once the AWS account access is setup, the Last Access Status displays the appropriate status, as described previously.
 

  • Was this article helpful?