Multi-account Configuration in AWS

If your organization uses multiple AWS accounts, complete the following steps to configure network discovery with Universal Asset Insights:

  1. Create a Delegation Policy at the organizational level. This policy specifies your parent account(s). For more information, see AWS Configuration for including Sub-Accounts.

  2. Configure AWS using one of the following two methods:

    1. Configure an IAM user in the parent account. Attach the required permissions, including AWSOrganizationsReadOnlyAccess. For more information, see Configuring the IAM User.

    2. Use the Principal ID to create a Role in the parent account. Attach the required permissions, including AWSOrganizationsReadOnlyAccess. For more information, see Configure the Principal and External ID.

  3. Add Roles to the sub-accounts, with appropriate permissions:

    1. If you are using an IAM user, follow the sub-account section described in Configuring the IAM User.

    2. If you are using the Principal ID, follow the sub-account section in Configure the Principal and External ID.

  4. Complete the configuration of the discovery job in the Infoblox Portal. For more information, see Amazon Web Services.
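
A check for the trust policy of a Role created with the Principal ID method, as an added example that is not Infoblox code: it reports any Role that can be assumed by a principal other than the expected one or without the expected external ID. It assumes the Role pins the external ID with the standard `sts:ExternalId` condition; the ARN, external ID, function names and sample policies are constructed placeholders.

```python
import json

# Constructed placeholders, not values from the page: use the principal and
# external ID that your own configuration specifies.
EXPECTED_PRINCIPAL = "arn:aws:iam::111111111111:root"
EXPECTED_EXTERNAL_ID = "EXAMPLE-EXTERNAL-ID"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, principal, external_id):
    """Return a list of findings; an empty list means the policy passed."""
    findings = []
    allows = [s for s in _as_list(policy.get("Statement", []))
              if s.get("Effect") == "Allow"
              and set(_as_list(s.get("Action", []))) & {"sts:AssumeRole", "sts:*", "*"}]
    if not allows:
        return ["no Allow statement grants sts:AssumeRole"]
    for i, stmt in enumerate(allows):
        princ = stmt.get("Principal", {})
        trusted = ["*"] if princ == "*" else [
            p for v in princ.values() for p in _as_list(v)]
        for p in trusted:
            if p == "*":
                findings.append(f"statement {i}: wildcard principal")
            elif p != principal:
                findings.append(f"statement {i}: unexpected principal {p}")
        # AWS treats condition key names as case-insensitive.
        equals = {k.lower(): v for k, v in
                  stmt.get("Condition", {}).get("StringEquals", {}).items()}
        if _as_list(equals.get("sts:externalid", [])) != [external_id]:
            findings.append(f"statement {i}: sts:ExternalId not pinned")
    return findings

# Constructed sample trust policies.
PINNED = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole",
  "Principal": {"AWS": "arn:aws:iam::111111111111:root"},
  "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}}]}""")
OPEN = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole",
  "Principal": {"AWS": "*"}}]}""")

if __name__ == "__main__":
    for name, doc in (("PINNED", PINNED), ("OPEN", OPEN)):
        print(name, audit_trust_policy(doc, EXPECTED_PRINCIPAL, EXPECTED_EXTERNAL_ID) or "ok")
```

Run it against the trust policy document of each parent and sub-account Role before starting the discovery job.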