Ensure MontyCloud and AWS have the necessary permissions to securely deploy and manage resources during onboarding a single account or managing multiple accounts within an AWS Organization.
Pre-Requisites for Standalone AWS Accounts
Use this section to onboard an individual AWS account which is not part of an AWS Organization.
Required Permissions
- You must be assigned the Cloud Admin role in MontyCloud DAY2.
- Your AWS IAM user or role must have permissions to:
- Deploy CloudFormation templates
- Create and manage IAM roles and IAM policies
Pre-requisites for AWS Organizations
Use this section to onboard multiple AWS accounts that are part of an AWS Organization.
Required Permissions (Management Account):
- You must be assigned Cloud Admin role in MontyCloud DAY2.
- Your AWS IAM user or role must have permissions to:
- Deploy CloudFormation StackSets
- Create and manage IAM roles and IAM policies
- Access the AWS Organizations service
These permissions allow MontyCloud to centrally manage onboarding using StackSets across all member accounts in the organization.