Managing Multiple AWS Partitions From a Single Kion Installation
The steps below document how to manage other AWS partitions from a single Kion installation. For example, you may want to manage GovCloud if you're currently running Commercial, or manage Commercial if you're currently running GovCloud.
Any AWS accounts in a separate partition will not be accessible until these steps are completed.
To enable multi-partition management:
- Choose an AWS account as the central point of authentication. We recommend using an empty account for partition access.
- In the Kion application, navigate to Settings > System Settings > AWS Partitions.
- Click Download AWS CloudFormation to download the cloudtamer-partition-user AWS CloudFormation template.
- Choose the AWS partition type in the Select An AWS Partition dropdown menu.
- In the AWS account that you have chosen as the central point of authentication:
  - If the cloudtamer-service-role already exists, perform an update stack operation in AWS CloudFormation.
  - If the cloudtamer-service-role does not exist, perform a create stack operation in AWS CloudFormation.
  - Generate IAM access keys from the cloudtamer-service-user IAM user.
- In the Kion application, navigate to Settings > System Settings > AWS Partitions.
- Enter the IAM access keys.
- Click Save.
Within 5-10 minutes (depending on the number of linked accounts in this partition), all the AWS accounts are updated to use the chosen AWS account as the central point of authentication.
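The steps performed in the authentication account (the create-or-update decision and key generation) can also be done with the AWS CLI. The script below is an added example, not part of Kion's documentation or tooling; the profile, stack name, template path and the `CAPABILITY_NAMED_IAM` capability are assumptions.

```shell
# Added example, not Kion's own tooling. Assumptions: the profile is an AWS CLI
# profile for the authentication account (with a region in the target
# partition); the stack name and template path are supplied by the operator.

# Print the CloudFormation operation the procedure calls for.
# Any failure other than "role not found" is surfaced, not treated as absence.
stack_operation() {
  local profile out
  profile="$1"
  out="$(aws --profile "$profile" iam get-role \
    --role-name cloudtamer-service-role 2>&1)" && { echo update-stack; return 0; }
  case "$out" in
    *NoSuchEntity*) echo create-stack ;;
    *) echo "cannot determine role state: $out" >&2; return 2 ;;
  esac
}

# Apply the downloaded template and wait for the stack to settle.
# CAPABILITY_NAMED_IAM is assumed because the template manages named IAM resources.
apply_partition_stack() {
  local profile stack template op
  profile="$1"; stack="$2"; template="$3"
  op="$(stack_operation "$profile")" || return 1
  aws --profile "$profile" cloudformation "$op" \
    --stack-name "$stack" \
    --template-body "file://$template" \
    --capabilities CAPABILITY_NAMED_IAM >/dev/null || return 1
  # Waiter names are stack-create-complete / stack-update-complete.
  aws --profile "$profile" cloudformation wait \
    "stack-${op%-stack}-complete" --stack-name "$stack" || return 1
  echo "$op"
}

# Generate access keys for the service user.
# Prints "AccessKeyId<TAB>SecretAccessKey"; the secret is shown only this once.
create_partition_keys() {
  local profile
  profile="$1"
  aws --profile "$profile" iam create-access-key \
    --user-name cloudtamer-service-user \
    --query 'AccessKey.[AccessKeyId,SecretAccessKey]' --output text
}
```

Enter the output of `create_partition_keys` directly into the AWS Partitions form rather than writing it to a file or log.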