Onboarding Multiple AWS Accounts to nOps using One Click CloudFormation
Introduction
nOps provides powerful analysis, dashboards, and reports for your AWS environment. Adhering to the principle of least privilege, nOps requires limited access to your AWS accounts via AWS-approved methods including AWS Organizations, CloudFormation, Stack, StackSets, and Lambda.
For multi-account setups, nOps recommends using CloudFormation over Terraform due to its better integration with AWS services and native support. This guide will walk you through the process of onboarding multiple AWS child accounts to nOps using a one-click CloudFormation setup.
Prerequisites
- Administrative access to the AWS Management account account for configuration.
- Another tab of your browser opened with nOps
Steps
Step 1: Add a New AWS Account
1. Initiate Account Addition:
Click on “Add New AWS Account” from the Dashboard if your account is new, or add it from Personal Settings > AWS Accounts.
2. Choose Setup Method:
We provide two setup methods:
1. nOps Wizard Setup
2. Manual Setup
For this guide, select “nOps Wizard Setup” and click “Next”.
3. Enter Account Details:
-
Enter the AWS Account Name and S3 Bucket Name.
-
Click “Set up Account”. This will redirect you to the AWS Create Stack page.
4. Create Stack in AWS:
-
The Create Stack page will have prefilled data including Stack name, ExternalId, and SystemBucketID.
-
Check the box that says “I acknowledge that AWS CloudFormation might create IAM resources.”
-
Click the “Create Stack” button.
-
The stack will be created and the Master Payer account will be configured successfully.
Step 2: Configure All Linked Child Accounts
1. After the Master Payer account is successfully configured, it will automatically fetch the linked child AWS accounts and list them as Inactive AWS Accounts.
2. Initiate MultiAccount Setup:
- To configure all child accounts at once, click on “CloudFormation Multiple Accounts Setup” from the AWS Accounts page, which will redirect you to the AWS Create Stack Page.
3. Create Stack for Multiple Accounts:
- A Create Stack page will open on AWS with the name “Quick Create Stack”.and All details would be prefilled.
-
Click on the “Create Stack” button to initiate the stack run.
-
After successful CloudFormation execution, all child accounts will be connected to nOps as Active AWS Accounts.
This feature also supports automatic listing and connection of any new child accounts created in AWS to nOps so you don’t need to manually configure any new AWS account created under the same organization account.
Conclusion
By following these steps, you can seamlessly onboard multiple AWS-linked accounts to nOps, granting minimum necessary permissions through AWS-native CloudFormation.