AWS Access for Beaty Consultancy

Understanding the Access You Give Beaty Consultancy

Helpfully, AWS provides a few policies which we can use to provision either read-only or administrative access, so that we can work with your AWS resources on your behalf.

If you give us Administrator Access, we can access all of your AWS resources, including everything in your S3 buckets, and we can create new IAM accounts and reset the passwords for existing accounts.

If you choose to give us access to your bills too, we can see all your AWS bills since your subscription began, but we can’t see your card or invoice details.

We can’t see inside your databases, or other things which have additional ‘secret’ information required for access.

Audit - Including Billing

Granting Access Instructions

  • Log into your AWS account using your root account. Your root account is where you log into AWS with the email address you used when you first set up AWS.
  • On the navigation bar, click your account name, and then click Account.
  • Next, scroll down to IAM User and Role Access to Billing Information and choose Edit.
  • Select the Activate IAM Access check box to activate access to the Billing and Cost Management console pages. (If it is already ticked, perfect, let’s leave that alone.)
  • Choose Update.
  • Click this link, or copy and paste it into your browser; https://console.aws.amazon.com/iam/home?#/roles$new?step=type&roleType=crossAccount&accountID=337762849365&roleName=beatyconsultancy-audit&policies=arn:aws:iam::aws:policy%2FReadOnlyAccess&policies=arn:aws:iam::aws:policy%2FAWSBillingReadOnlyAccess
  • Just click next all the way through the wizard (that magic link fills everything in for you) and click the Create Role button on the Review page at the end.
  • Once complete, search for the role beatyconsultancy-audit and click the role
  • Copy the link to switch roles in the console and send it to us


Troubleshooting 

Sometimes our browsers don’t quite understand all of the magic link, so if you can’t click Create Role at the end of the wizard, just go back and double check these details;

  • Role type: Another AWS account
  • Account ID: 337762849365
  • The box for Require external ID is checked
  • Leave the Require MFA option unchecked and proceed to Next: Permissions
  • On the permissions screen, the ReadOnlyAccess policy is automatically selected
  • To verify, search for ReadOnlyAccess and scroll to the very bottom
  • Now remove the text from the search box, and type in Billing
  • The AWSBillingReadOnlyAccess policy right at the top of the list should be ticked
  • Click Next and Next again, and verify beatyconsultancy-audit has been added as the Role Name

Audit - Excluding Billing

Granting Access Instructions

  • Log into your AWS account.
  • Click this link, or copy and paste it into your browser; https://console.aws.amazon.com/iam/home?#/roles$new?step=type&roleType=crossAccount&accountID=337762849365&roleName=beatyconsultancy-audit&policies=arn:aws:iam::aws:policy%2FReadOnlyAccess
  • Just click next all the way through the wizard (that magic link fills everything in for you) and click the Create Role button on the Review page at the end.
  • Once complete, search for the role beatyconsultancy-audit and click the role
  • Copy the link to switch roles in the console and send it to us


Troubleshooting 

Sometimes our browsers don’t quite understand all of the magic link, so if you can’t click Create Role at the end of the wizard, just go back and double check these details;

  • Role type: Another AWS account
  • Account ID: 337762849365
  • The box for Require external ID is checked
  • Leave the Require MFA option unchecked and proceed to Next: Permissions
  • On the permissions screen, the ReadOnlyAccess policy is automatically selected
  • To verify, search for ReadOnlyAccess and scroll to the very bottom
  • Click Next and Next again, and verify beatyconsultancy-audit has been added as the Role Name

Access to Document Your AWS Resources

Granting Access Instructions

  • Log into your AWS account.
  • Click this link, or copy and paste it into your browser;
    https://console.aws.amazon.com/iam/home?#/roles$new?step=type&roleType=crossAccount&isThirdParty&accountID=968898580625&externalID=97305fe8-9602-4333-a3a5-16ed3e940b7e&roleName=beatyconsultancy-documentation&policies=arn:aws:iam::aws:policy%2FReadOnlyAccess
  • Just click next all the way through the wizard (that magic link fills everything in for you) and click the Create Role button on the Review page at the end.
  • Once complete, search for the role beatyconsultancy-documentation and click the role
  • Copy the link to switch roles in the console and send it to us


Troubleshooting 

Sometimes our browsers don’t quite understand all of the magic link, so if you can’t click Create Role at the end of the wizard, just go back and double check these details;

  • Role type: Another AWS account
  • Account ID: 968898580625
  • The box for Require external ID is checked
  • External ID: 97305fe8-9602-4333-a3a5-16ed3e940b7e
  • Leave the Require MFA option unchecked and proceed to Next: Permissions
  • On the permissions screen, the ReadOnlyAccess policy is automatically selected
  • To verify, search for ReadOnlyAccess and scroll to the very bottom
  • Click Next and Next again, and verify beatyconsultancy-documentation has been added as the Role Name
  • Click the Create Role button on the Review page at the end.

Full Administrator Access

Granting Access Instructions

  • Log into your AWS account.
  • Click this link, or copy and paste it into your browser;
    https://console.aws.amazon.com/iam/home?#/roles$new?step=type&roleType=crossAccount&accountID=337762849365&roleName=beatyconsultancy-admin&policies=arn:aws:iam::aws:policy%2FAdministratorAccess&policies=arn:aws:iam::aws:policy%2FAWSBillingReadOnlyAccess
  • Just click next all the way through the wizard (that magic link fills everything in for you) and click the Create Role button on the Review page at the end.
  • Once complete, search for the role beatyconsultancy-admin and click the role
  • Copy the link to switch roles in the console and send it to us

Troubleshooting 

Sometimes our browsers don’t quite understand all of the magic link, so if you can’t click Create Role at the end of the wizard, just go back and double check these details;

  • Role type: Another AWS account
  • Account ID: 337762849365
  • The box for Require external ID is checked
  • Leave the Require MFA option unchecked and proceed to Next: Permissions.
  • On the permissions screen, the AdministratorAccess policy is automatically selected
  • To verify, search for ReadOnlyAccess and scroll to the very bottom
  • Click Next and Next again, and verify beatyconsultancy-admin has been added as the Role Name

Send the Details

Instructions

That’s all the setup done! Now we just need to go and grab a couple of pieces of information to send back to us at Beaty Consultancy.

  • Click this link, or copy and paste into your browser;
    https://console.aws.amazon.com/iamv2/home?#/roles
  • In the search box, type beatyconsultancy
  • Click the name of the role(s) you set up for us
  • Click the copy button next to Give this link to users who can switch roles in the console
  • Paste that link into an email to us. Repeat these steps for any other roles you’re giving us apart from the documentation role – that one has one other piece of information we need, as follows:
    • Click the back button in your browser, and again, type beatyconsultancy into the search box
    • This time, click beatyconsultancy-documentation
    • For this role, we need the Role ARN (the first item at the top of the screen), so click the copy button next to Role ARN, and paste that into an email to us.

Phew, you’re done! All that means we are able to hop into your AWS subscription and check everything out for you. Grab a brew, and leave the cloud-magic to us!
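
As an added example (not Beaty Consultancy's own code), the Python below compares a role's trust policy and attached managed policies with the account IDs, external ID and policy names given on this page. It assumes the inputs are the JSON returned by `aws iam get-role` (Role.AssumeRolePolicyDocument) and `aws iam list-attached-role-policies`; for the audit and admin roles, where the page gives no external ID value, it only checks that one is required.

```python
import json

MANAGED = "arn:aws:iam::aws:policy/"
# Per role, from this page: trusted account, external ID (None = no value given), allowed policies.
EXPECTED = {
    "beatyconsultancy-audit": ("337762849365", None,
        {MANAGED + "ReadOnlyAccess", MANAGED + "AWSBillingReadOnlyAccess"}),
    "beatyconsultancy-admin": ("337762849365", None,
        {MANAGED + "AdministratorAccess", MANAGED + "AWSBillingReadOnlyAccess"}),
    "beatyconsultancy-documentation": ("968898580625", "97305fe8-9602-4333-a3a5-16ed3e940b7e",
        {MANAGED + "ReadOnlyAccess"}),
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    # A principal is either a bare 12-digit account ID or arn:aws:iam::<id>:root
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def check_role(role_name, trust_policy, attached_arns):
    """Return findings; an empty list means the role matches what this page describes."""
    account, external_id, allowed = EXPECTED[role_name]
    findings = [f"unexpected policy attached: {a}" for a in sorted(set(attached_arns) - allowed)]
    for stmt in _as_list(trust_policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        entries = [("*", "*")] if principal == "*" else [
            (kind, p) for kind, v in principal.items() for p in _as_list(v)]
        for kind, p in entries:
            if kind != "AWS" or _account_of(p) != account:
                findings.append(f"unexpected trusted principal: {kind}={p}")
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        got = {k.lower(): v for k, v in equals.items()}.get("sts:externalid")
        if got is None:
            findings.append("no sts:ExternalId condition on the trust statement")
        elif external_id is not None and got != external_id:
            findings.append(f"sts:ExternalId is {got!r}, expected {external_id!r}")
    return findings

# Constructed sample in the shape `aws iam get-role` returns under Role.AssumeRolePolicyDocument.
SAMPLE_TRUST = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "sts:AssumeRole",
  "Principal": {"AWS": "arn:aws:iam::968898580625:root"},
  "Condition": {"StringEquals": {"sts:ExternalId": "97305fe8-9602-4333-a3a5-16ed3e940b7e"}}}]}""")

if __name__ == "__main__":
    print(check_role("beatyconsultancy-documentation", SAMPLE_TRUST, [MANAGED + "ReadOnlyAccess"]))
```

An empty list means the role trusts only the account listed for it, requires an external ID, and carries no policy beyond those named in that role's section.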

Revoke Access

Instructions

If you need to close off the above access, it’s simple;

  • Click this link, or copy and paste into your browser;
    https://console.aws.amazon.com/iamv2/home?#/roles
  • In the search box, type beatyconsultancy
  • Click on any role you want to revoke from us
  • Click the Delete role button from the top right hand corner of the screen, and then click the red Yes, delete button to confirm.
  • Click the back button in your browser to get back to the list of roles, and repeat the above steps as many times as is necessary.