R12.1-2025Jul03

Creating Public or Secret Keys for Gateway Accounts

This topic describes how to use the AWS console to create a user in the Gateway account with the privileges needed to assume roles in the monitored accounts.
  1. Navigate to Identity and Access Management (IAM) in your AWS Management Console.
  2. Go to the Users section and click Create user.

  3. Select Attach Policies directly and proceed with user creation. You can add the policy later.

  4. Once the user is created, create an inline policy.

    A sample policy in the JSON format:

    Note: Use the account ID to monitor your environment.

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "sts:AssumeRole",
          "Resource": "arn:aws:iam::<12-digit first monitored account number>:role/<role created in previous step (NetbrainAccessRole)>"
        },
        {
          "Effect": "Allow",
          "Action": "sts:AssumeRole",
          "Resource": "arn:aws:iam::<12-digit second monitored account number>:role/<role created in previous step (NetbrainAccessRole)>"
        }
      ]
    }



  5. Create an Access Key for the user and ensure it is securely stored. You will need to enter these keys in NetBrain.
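
The inline policy from step 4 can be generated and checked before it is pasted into the console. The following Python sketch is an added example, not NetBrain or AWS code: it generalizes the two-account sample to any number of monitored accounts and flags a policy that is malformed or broader than one `sts:AssumeRole` grant per monitored account. The function names are hypothetical and the account IDs used with it are constructed.

```python
import json
import re

# Role ARN with a literal 12-digit account ID and no wildcard characters.
ROLE_ARN = re.compile(r"arn:aws:iam::([0-9]{12}):role/[A-Za-z0-9_+=,.@-]{1,64}")


def build_gateway_policy(account_ids, role_name="NetbrainAccessRole"):
    """Build the inline policy: one sts:AssumeRole statement per monitored account."""
    statements = []
    for account_id in account_ids:
        if not re.fullmatch(r"[0-9]{12}", account_id):
            raise ValueError(f"not a 12-digit account ID: {account_id!r}")
        statements.append({
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": f"arn:aws:iam::{account_id}:role/{role_name}",
        })
    return {"Version": "2012-10-17", "Statement": statements}


def as_list(value):
    """IAM accepts a string or a list for Action and Resource; normalise to a list."""
    return [value] if isinstance(value, str) else list(value)


def lint_gateway_policy(policy_json, monitored_accounts):
    """Return findings where a policy grants more than the per-account AssumeRole."""
    try:
        policy = json.loads(policy_json)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    statements = policy.get("Statement", [])
    statements = [statements] if isinstance(statements, dict) else statements
    findings = []
    for n, stmt in enumerate(statements, 1):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        for action in as_list(stmt.get("Action", ["<missing Action>"])):
            if action.lower() != "sts:assumerole":  # IAM action names are case-insensitive
                findings.append(f"statement {n}: unexpected action {action}")
        for resource in as_list(stmt.get("Resource", ["<missing Resource>"])):
            match = ROLE_ARN.fullmatch(resource)
            if not match:
                findings.append(f"statement {n}: not a single role ARN: {resource}")
            elif match.group(1) not in monitored_accounts:
                findings.append(f"statement {n}: unmonitored account {match.group(1)}")
    return findings
```

An empty findings list means every Allow statement is limited to `sts:AssumeRole` on one named role in a monitored account.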