Installing a connector on AWS Organization with Terraform
Integrate Apono with your AWS Organization for complete cloud discovery and JIT access management to AWS resources
Last updated
Was this helpful?
Integrate Apono with your AWS Organization for complete cloud discovery and JIT access management to AWS resources
Last updated
Was this helpful?
Apono connects with the AWS Organization to discover all accounts and their respective cloud resources and services and manage just-in-time, just-enough access to them.
This guide lets you integrate to the AWS Organization with Terraform.
Terraform
AWS Profile mgmt-account
with Admin privileges in the Organization's Management Account
AWS Profile member-account
with Admin privileges in one of the Organization's Member Accounts
Activate the CloudFormation StackSet service in your management account
Go to Integrations catalog, and select AWS integration
Choose Amazon Organization, and in the "Select an Apono Connector", choose "Add new connector"
Copy the token shown in the UI
Run the following Terraform Template:.
After the installation finishes, copy and save the Management Account Role ARN from the output
Choose the connector from the dropdown list
Choose the resource types you want to connect, and click Next
Under name, enter a name for the integration (i.e. AWS Organization)
Under Region, select a single region of the AWS resources you want to integrate.
Under AWS SSO Region, enter the region where the IAM Identity Center is configured
In Management Account Role ARN, enter the ARN you copied in step 5
Click Connect
The initial connection should now be in progress! After a few minutes, you should see the AWS Org integration as Active on the Integrations page.
Now, start creating Access Flows for the discovered resources.
Go back to the
Under SSO Portal, enter your SSO Start URL (i.e. )