Step 1) Create a CDP Credential
In the CDP Console, the first step is to create a CDP credential. The CDP credential is the mechanism that allows CDP to create resources inside of your cloud account.
- From the CDP home screen, click the Management Console icon.
- In the CDP Management Console, navigate to Environments > Shared Resources > Credentials and then click Create Credential.
- Click the Copy icon to the right of the Create Cross-account Access Policy text box.
- In a second browser tab, open the AWS Console and navigate to Identity and Access Management > Policies. Click Create Policy.
- Click on the JSON tab and paste the access policy in the text box.
- Click Review Policy.
- Give the policy a unique name and a description.
- Click Create Policy.
Next, you create the required cross-account role.
- In the AWS console, navigate back to Identity and Access Management.
- Click Roles > Create Role.
- Under Select type of trusted entity, select Another AWS account.
- Return to the CDP Management Console and copy the contents of the Service Manager Account ID field on the Credentials page.
- In the AWS console, paste the Service Manager Account ID into the Account ID field.
- Return to the CDP Management Console and copy the contents of the External ID field on the Credentials page.
- In the AWS console, paste the External ID into the External ID field.
- Click Permissions and select the checkbox next to the name of the policy that you created in Step 8.
- Click Next: Tags.
- Click Next: Review.
- Give the role a unique name and description, then click Create Role.
- Still in the role page of the AWS console, search for the role you just created, and click on it.
- Copy the Role ARN at the top of the Summary page.
- Return to the Credentials page in the CDP Management Console.
- Give the CDP credential a name and description. The name can be any valid name.
- Paste the Role ARN that you copied from the AWS console into the Cross-account Role ARN field, then click Create.
Now that you've created a cross-account role, proceed to creating a CDP environment.