Creating a Service Principal in AWS
- Login to AWS Management Console
- Go to IAM
- Click on Users
- Click on Create User
- Enter User Details e.g.
backplane-api, click next
- Permission Options, select attach policies directly
- Click on Create Policy and in Policy Editor select JSON. Paste in the below JSON
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"organizations:CreateAccount",
"organizations:DescribeOrganization",
"iam:ListUsers",
"organizations:ListPolicies"
],
"Resource": "*"
}
]
}
- Click Next, give Policy Name Backplane-account-creator
- Click Create Policy
- Click Create User
- Click on the new User Created, and click on Security Credentials
- Click on Create Access Key
- Select Third-party service use-case and tick the confirmation and click Next
- Create access key, record Access key and Secret access key values. Click Done.
Add AWS Credentials via CLI
bp cloud aws add --id "<OrgId>" --clientid "<accessKey>" --clientsecret "<accessKeySecret>"
