Skip to main content
Druva Documentation

Create an AWS Access Role - Step by step guide

Overview

Here we explain how to create an IAM access role to allow CloudRanger to access your AWS account(s) to perform backups and schedules on your behalf.

We require third-party access to the AWS account(s) you want us to manage on your behalf. We have provided a CloudFormation script to automate the creation of the access role for your AWS environment. 

We follow all best practice security protocols recommended by AWS. CloudRanger's access to your AWS region is controlled by AWS Identity and Access Management (IAM). 

Here are the steps to follow to link your IAM role to CloudRanger

Step 1 - Click on the 'Configuration' link on the main dashboard.

configure_credential.png

Step 2 - Make sure that your AWS console window is open and you are logged into the account you want to create access to.

Step 3 - Click on the 'Connect to AWS' button.

create_aws_access_role.png

Step 4 - You will then automatically be directed to the Create stack section in CloudFormation in your AWS account. The details will be pre-populated in the required sections. However, you will need to tick the check box to acknowledge that AWS CloudFormation might create IAM resources with custom names as highlighted below:

create_stack.png

Step 5 - Click 'Create' to generate a CloudFormation stack. 

Step 6 - Refresh the Stack until the status is CREATE_COMPLETE

create_complete.png

Step 7 - Go to the 'Outputs' dropdown

Step 8 - Highlight and then Copy the ARN value

Step 9 - Save the ARN value in CloudRanger as outlined below:

save_aws_access_role.png

You will be returned to the Account Settings page where the validation of your AWS Access will take place automatically. If your account access has been validated, 'Access Success' will be shown as below.

aws_access.png