Step 1) Create a CDP credential
In the CDP console, the first step is to create a CDP credential. The CDP credential is the mechanism that allows CDP to create resources inside of your cloud account.
- From the CDP home screen, click the Management Console icon.
- In the CDP Management Console, navigate to Create Credential. and then click
- Click the Copy icon to the right of the Create Cross-account Access Policy text box.
- In a second browser tab, open the AWS Console and navigate to
- Click on the JSON tab and paste the access policy in the text box.
- Click Review Policy.
- Give the policy a unique name and a description.
- Click Create Policy.Next, you create the required cross-account role.
- In the AWS console, navigate back to Identity and Access Management.
- Click .
- Under Select type of trusted entity, select Another AWS account.
- Return to the CDP Management Console and copy the contents of the Service Manager Account ID field on the Credentials page.
- In the AWS console, paste the Service Manager Account ID into the Account ID field.
- Return to the CDP Management Console and copy the contents of the External ID field on the Credentials page.
- In the AWS console, paste the External ID into the External ID field.
- Click Permissions and select the checkbox next to the name of the policy that you created in Step 8.
- Click Next: Tags.
- Click Next: Review.
- Give the role a unique name and description, then click Create Role.
- Still in the role page of the AWS console, search for the role you just created, and click on it.
- Copy the Role ARN at the top of the
- Return to the Credentials page in the CDP Management Console.
- Give the CDP credential a name and description. The name can be any valid name.
- Paste the Role ARN that you copied from the AWS console into the
Cross-account Role ARN field, then click Create.Now that you've created a cross-account role, proceed to creating a CDP environment.