Prerequisites for Onboarding AWS
This is a list of things to have ready before you begin onboarding your AWS accounts or organizations.
Prerequisites for Onboarding AWS
Complete this checklist before you begin onboarding AWS:
Log in to an AWS account where you have the ability to create an IAM role and assign permissions.
Know the account IDs for all AWS accounts you want to onboard. If onboarding an organization, make sure to have your organization's root account ID.
You will need to specify your account IDs in the onboarding wizard.
If restricting public access to flow logs, configure the ports and IP addresses listed in AWS flow log access IP addresses.
If using AWS Service Control Policies (SCP), make sure your SCPs aren't restricting access to ports or IP addresses in regions required by Illumio.
If onboarding an account rather than an organization, decide to use one onboarding method:
Launch a CloudFormation Stack automatically.
Use an Illumio-provided YAML file as a template to create a stack manually.
Required AWS permissions
Onboarding requires certain permissions. Use the steps described in Onboard an AWS Cloud account and Onboard an AWS Cloud organization to automatically provision the permissions.