Feb 5, 2024
This guide will walk you through the process of securely linking your Amazon Web Services (AWS) account with MilkStraw using a cross-account role and an external ID for enhanced security.
Create an account at MilkStraw AI
Have access to your AWS account with permissions to create roles and policies.
Step 1: Create a Policy
Creating a policy in AWS defines the permissions that will be granted. This step involves specifying the actions that Milkstraw can perform on your behalf in your AWS account.
In the AWS Management Console, go to IAM (Identity and Access Management).
Click on Policies in the left-hand menu, then Create policy.
In the Policy editor, switch to the JSON tab.
Copy and paste the JSON policy content provided by the Milkstraw web app into the editor.
Click Next, give the policy a name and a description. You might name it “MilkStrawPolicy”.
Click Create policy to finalize.
Step 2: Create a New Role
Roles in AWS are a secure way to grant permissions to entities that you trust. In this case, creating a new role allows Milkstraw to access your AWS account securely, without sharing your access credentials.
Proceed by clicking Next in the Milkstraw app.
In the AWS console, select Roles from the left-hand menu, then Create role.
Choose Custom trust policy as the type of trusted entity.
Paste the JSON trust policy from the Milkstraw web app, which includes an auto-generated external ID, into the editor.
Click Next, select the policy you previously created in Step 1.
Name and describe the role, noting the role name, then click Create role.
Step 3: Fill Out the Access Details
In the final step of the account On-Boarding on the Milkstraw web app, enter the details from the previous steps:
Nickname: A display name for the AWS account for easy identification in settings.
Account Number: The AWS account number to be added, available in the AWS console under Account.
Role Name: The name of the role created in Step 2.
Step 4: You’re All Set
Milkstraw is now set up to securely connect to your AWS account. You can verify access or address any issues within the Settings tab.
You Have Multiple AWS Accounts?
You can add another AWS account to your Milkstraw AI profile, go to Settings, and select Add Account, you will start the same journey and follow the same steps as above.
If you encounter any issues or have questions, our support team is ready to assist you. Contact us at email@example.com for support at every step.