Navigation Menu: Customer

 

TIP: For best results, use Google Chrome when working in the Orbitera Cloud Commerce Platform portal and the AWS Management Console.

 

Overview: This article provides detailed information on how to add or link an existing AWS account to an Orbitera Cloud Commerce Platform customer account.

 

Prerequisite: before you can add an account, you must be an AWS authorized reseller under the Orbitera AWS reseller program. Additionally, customers must be authorized to buy AWS products by you, the reseller.

 

In this section you learn how to move existing AWS accounts into the Orbitera Cloud Commerce Platform. Under the Amazon reseller program, customers with existing AWS accounts are added to the Orbitera Cloud Commerce Platform by completing the steps outlined below. This process is also referred to as linking an AWS account. To add an AWS account to an Orbitera Cloud Commerce Platform customer account, you must have the following:

· Email address for the AWS account root owner

· Twelve (12) digit AWS Account number

Note:  in an AWS account, the email address associated with root is always the email address used when the AWS account was created. If you do not know or have the email address associated with root access, contact your Orbitera Sales or Delivery team member for support. 

 

Adding or linking an AWS account to an Orbitera Cloud Commerce Platform customer account can be completed two ways:

1. Reseller completes the action using the reseller portal on behalf of the customer

2. Customer completes the action using the end customer widget

Note: only a portion of the steps outlined under option 1 can be performed by the reseller. The linking of existing AWS accounts always involves the AWS account owner. While the steps are similar under both options, the instructions outlined below are specifically for option 1.

 

Step 1 - Adding the existing AWS Account 

To add an existing AWS account, follow these steps:

1. Log into your Orbitera Cloud Commerce Platform account and select the Customers module

 


 

2. Select the customer that you want to add the AWS account to then click on [Edit]

3. Click [Add+]

a. Cloud Provider select Amazon Web Services

b. Account ID select New then enter the 12 digit AWS account number

c. Email enter the email address associated with root access to the AWS account

d. Type select the default, which is Resale

e. Price Book select the pricing you want to apply to the customer

f. Cost Center select a cost center or leave it blank if it’s not applicable

 


 

4. Click [Save] then the Create IAM Role window will display

 

Step 2 - Account Approval Process
An approval workflow email is generated and will be sent to the contact listed in the
Account screen (screenshot below). Click on the embedded link in the approval workflow email then you will be taken to the approval section inside of the Orbitera Cloud Commerce Platform.

 


 

Cloud Account Provision request will be visible in your Orbitera Cloud Commerce Platform portal under Account > Approval Requests. Select the request that you want to approve then click [View].

 


 

Click [Approve and Provision] or [Decline]

 



Step 3 - Setting the ARN Role

Once the account provision is approved, the next step is to set the ARN role, which is a Read Only role that is setup inside the Amazon Management Console. Note: you should have 3 browser windows open: one window to see read these instructions, second window that has the Orbitera Cloud Commerce Platform portal open then a third window that has the Amazon Management Console open.

 

1. In the Orbitera Cloud Commerce Platform, click on the Customers module

2. Select the customer that you added the AWS account to (from Step 1.2 - Adding the existing AWS Account) then click on [Edit]

3. Click on the AWS account that you added earlier (from Step 1.3 - Adding the existing AWS Account) then the cloud account window will display

4. Click on the [Set ARN Role] button then the Create IAM Role instruction screen will display



 

From the AWS Console:

1. Log in to the Amazon account

2. Select Amazon Management Console

3. Select Amazon IAM console

a. Select Roles

b. Click [Create New Role]

4. Enter a name in the Role Name field and click [Continue] 

Note: You can make up the name in this field. Amazon uses lower-case letters only. 

5. Select "Role for Cross-Account Access"

6. Select "Allows IAM users from 3rd party AWS account to access this account"

Note: To complete the next steps you need data from the Create IAM Role instruction screen from the Orbitera Cloud Commerce Platform portal

7. In the Account ID field, enter [328676173091] (without dashes)

8. In the External ID field, enter the code from the Orbitera Cloud Commerce Platform Create IAM Role screen

9. Click [Continue]

10. Select "Read only access" from the policy template list

11. Click [Continue]

12. Click [Create Role]

13. Select the newly created role in your roles list

14. Click on the Summary tab

15. Copy the "Role ARN" value



In the Orbitera Cloud Commerce Platform under the AWS Account:

1. Paste the Role ARN name in the Create IAM Role screen

2. Enter your description

3. Click [Save]