Configure AWS IAM for CSM
Before you can connect to the AWS API, you will need to set up a pair of access keys in your AWS account.
Your specific AWS account should be set up according to your organization's security policies and AWS best practices. For CSM to connect via the AWS API, you must create access keys for use by the application. This can be done using a single key pair to connect for the organization, or it can be done on a user level. This mApp® Solution assumes the organization will use a single key pair for the entire organization, and rotate that key on an appropriate schedule.
Make sure that the Identity and Access Management (IAM) user for which you generate these keys has the following permissions:
Access to individual CSM users is granted through CSM. Individual customers should belong to a department, and departments should be granted access to an AWS Portfolio. For more information, see Grant AWS Account Access to CSM Users or Add Departments to the AWS Portfolio Supporting Object.
Make sure that the Identity and Access Management (IAM) user for which you generated the key also has access to any portfolios in your AWS account.
To set up AWS IAM for CSM: