Client Portal System Status Contact Us

Activate an AWS Account

Follow this topic to add your AWS cloud account to the Client Portal.

Prerequisites

Before starting the activation, make sure that you have the following details:

  • Account Information: You must have your AWS account number. You can view your account number in the AWS Management Console.

  • Permissions: You must have permission to execute the CloudFormation script that will create an Identity and Access Management (IAM) role in the account to be activated.

NOTE: If your company uses AWS Organizations and this is the first account you're activating, we recommend that you activate your master account first.

If you start by activating a linked account, the Client Portal will discover your master account. Then you, or another user in your organization, will be required to activate the master account.

However, if you start by activating your master account, the Client Portal will discover your linked accounts first and provide the option to activate them individually, after the master account is activated.

Adding your AWS cloud account

To add your AWS cloud account

  1. From the navigation menu, go to Setup and select Cloud tenant setup.

  2. On the Cloud tenant setup page, select Add Cloud Account and choose Amazon Web Services as your cloud service provider.

  3. Provide the following details:

    1. A name for your AWS account.

    2. Your AWS account ID.

    3. Choose the region where you want to create the CloudFormation stack.

  4. Select Add Cloud Account. The login page for the AWS Console opens.

NOTE: Your pop-up blocker might prevent the new browser tab from opening. Ensure that the pop-up blocker is turned off. If required, enable pop-ups and select Add Cloud Account again.

  1. Sign in to the AWS Console and perform the following steps:

    1. On the Create Stack page, review the settings that the Client Portal will use to activate your AWS account.

    2. Select the I acknowledge that AWS CloudFormation might create IAM resources with custom names checkbox.

    3. Select Create. The CloudFormation script will start executing.

  2. When the activation status changes from CREATE_IN_PROGRESSto CREATE_COMPLETE, navigate to the Client Portal, and refresh the page. Your account is activated.

If you use AWS Organizations and have linked accounts, these accounts will be shown as Not Activated in the list. See the next section for information on how to activate linked accounts.

Activating linked accounts

Many organizations have several AWS accounts in their AWS Organizations hierarchy. In some cases, it's not the same person who owns each of those accounts. Therefore, each account owner must activate the account they own.

To activate linked accounts

  1. From the navigation menu, navigate to Setup and select Cloud tenant setup.

  2. On the Cloud tenant setup page, expand the master AWS account containing the linked accounts.

  3. Select Activate next to the linked account that you want to activate.

  4. Perform the same activation steps as for the master account. Follow steps 3-6 in Adding your AWS cloud account.

Activating multiple linked accounts automatically

You can select multiple linked accounts and start the activation process automatically for all accounts.

To automate multiple linked account activations, all selected accounts must have some basic permissions. These permissions are automatically applied if the linked account has been created as a part of an organization.

If a linked account hasn’t been created as a part of an organization, but instead has only been linked to it, you must manually grant access to the OrganizationAccountAccessRole with the cloudFormation:CreateStack permission to activate that account automatically.

The process for activating multiple linked accounts is similar to the process for single account activation, except that AssumeRole permission is granted to the master account. To handle the process automatically for multiple accounts, without prompting the user for additional settings for each account, additional AssumeRole permission is applied. This is only needed at activation. Granting this permission is done using a similar approach to single account activation. It does this using CloudFormation, SNS, and Lambda by deploying new AWS resources to handle this process.

To activate multiple linked accounts automatically

  1. On the Cloud tenant setup page, expand the AWS account containing the linked accounts you want to add.

  2. Select the checkbox next to each linked account you want to activate.

  3. Select Activate Selected.

Syncing your tags to AWS

The Client Portal works in a read-only mode after you onboard your AWS account for the first time.

It means that the Tag and Resource Manager feature can import your resources and tags from AWS, but it cannot synchronize any tag changes you make in the Client Portal back to AWS.

If you would like Tag and Resource Manager to synchronize tags back to AWS, you must change the level of access the Client Portal has for your AWS account.

To change the level of access

  1. On the Cloud Account Setup page, expand the AWS account and select Change Access.

  2. In the Change PyraCloud Access Level, choose the access level:

    • Sync resources only, no tags – write back of tags disabled: Tag and Resource Manager will download your resources to the Client Portal without the tags currently assigned in AWS. Any changes to tags will be stored in the Client Portal only. This setting requires read-only access to your AWS account and will not make any changes to resources or tags in your AWS account.

    • Sync resources and tags – write back of tags disabled: Tag and Resource Manager will download your resources to the Client Portal, including the tags currently assigned in AWS. Any changes to tags will be stored in the Client Portal only. Any tags assigned to resources in AWS will overwrite the tags for the corresponding resource in the Client Portal. This setting requires read-only access to your AWS account and will not make any changes to resources or tags in your AWS account.

    • Sync resources and tags – write back of tags enabled: Tag and Resource Manager will download your resources to the Client Portal, including the tags currently assigned in AWS. Any changes to tags will be synchronized back to your resources in AWS. This setting requires read-write access to your AWS account and will only make changes to tags.

  3. Select Change.

Syncing AWS Cost Explorer recommendations

The Recommendations module downloads recommendations from AWS Cost Explorer, which includes Reserved Instance purchase recommendations for Amazon EC2, Amazon RDS, ElastiCache, Amazon ES, and Amazon Redshift.

By default, the Enable sync with AWS Cost Explorer to see AWS Recommendations setting is enabled in the Client Portal. It means that Client Portal will download your account's AWS Cost Explorer recommendations.

To disable this setting

  1. On the Cloud Tenant setup page, navigate to the AWS account and select Change Access from the Action column.

  2. In Change PyraCloud Access Level, choose the access level and select Change.

  3. Select Enable sync with AWS Cost Explorer to see AWS Recommendations in PyraCloud.

  4. Select Change.

Enabling your Enterprise Discount Program (EDP) commitment amounts

If you're taking advantage of AWS’ EDP you can view your commitment amounts in the Client Portal.

The portal displays your spending against your commitment so that you can track and plan for upcoming spend. To view your commitment amounts, contact our Support team.

Last updated

SoftwareOne is a trademark of SoftwareOne, Inc. "The Software Licensing Experts" is a service mark of SoftwareOne, Inc. VAR assist is a trademark of SoftwareOne, Inc. "It pays to partner" is a service mark of SoftwareOne, Incorporated.