Managing Multiple AWS Partitions From a Single Kion Installation

The steps below document how to manage other AWS partitions from a single Kion installation. For example, you may want to manage GovCloud if you're currently running Commercial, or manage Commercial if you're currently running GovCloud.

Any AWS accounts in a separate partition will not be accessible until these steps are completed.

To enable multi-partition management:

  1. Choose an AWS account as the central point of authentication. We recommend using an empty account for partition access.
  2. In the Kion application, navigate to Settings > System Settings > AWS Partitions.
  3. Click Download AWS CloudFormation to download the cloudtamer-partition-user AWS CloudFormation template.
  4. Choose the AWS partition type in the Select An AWS Partition dropdown menu.
  5. In the AWS account that you have chosen as the central point of authentication:
    • If the cloudtamer-service-role already exists, perform an update stack operation in AWS CloudFormation.
    • If the cloudtamer-service-role does not exist, perform a create stack operation in AWS CloudFormation.
  6. Generate IAM access keys from the cloudtamer-service-user IAM user.
  7. In the Kion application, navigate to Settings > System Settings > AWS Partitions.
  8. Enter the IAM access keys.
  9. Click Save.

Within 5-10 minutes (depending on the number of linked accounts in this partition), all AWS accounts in the partition are updated to use the chosen AWS account as the central point of authentication.
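
Steps 5 and 6 can also be done from the AWS CLI. The script below is an added example, not part of Kion's documentation or tooling. The role and user names are the ones given in the steps above; the stack name, the template path, and the need for CAPABILITY_NAMED_IAM are assumptions.

```shell
#!/bin/sh
# Added example: steps 5 and 6 done with the AWS CLI against the account chosen
# as the central point of authentication. Role and user names are from the steps
# above; the stack name and template path are caller-supplied assumptions.
ROLE_NAME="cloudtamer-service-role"
USER_NAME="cloudtamer-service-user"

# Step 5: print "update-stack" if the role exists, "create-stack" if it does not.
# Any other failure (expired credentials, AccessDenied) aborts instead of guessing.
stack_action() {
  if sa_err=$(aws iam get-role --role-name "$ROLE_NAME" 2>&1 >/dev/null); then
    echo "update-stack"
  else
    case $sa_err in
      *NoSuchEntity*) echo "create-stack" ;;
      *) echo "cannot determine state of $ROLE_NAME: $sa_err" >&2; return 1 ;;
    esac
  fi
}

# Apply the downloaded template. $1 = stack name (for an update, the stack that
# already owns the role), $2 = path to the template file downloaded in step 3.
deploy_partition_stack() {
  dp_action=$(stack_action) || return 1
  # CAPABILITY_NAMED_IAM: assumed necessary because the template names IAM resources.
  aws cloudformation "$dp_action" --stack-name "$1" \
    --template-body "file://$2" --capabilities CAPABILITY_NAMED_IAM || return 1
  aws cloudformation wait "stack-${dp_action%-stack}-complete" --stack-name "$1"
}

# Step 6: create one access key pair. IAM allows two keys per user, so stop
# early rather than fail mid-way when both slots are taken.
generate_access_key() {
  gk_count=$(aws iam list-access-keys --user-name "$USER_NAME" \
    --query 'length(AccessKeyMetadata)' --output text) || return 1
  if [ "$gk_count" -ge 2 ]; then
    echo "$USER_NAME already has $gk_count access keys; remove an unused one" >&2
    return 1
  fi
  # The secret is returned only by this call; paste it into Kion (step 8) and
  # do not write it to disk or shell history.
  aws iam create-access-key --user-name "$USER_NAME" \
    --query 'AccessKey.[AccessKeyId,SecretAccessKey]' --output text
}

# Usage: sh partition-stack.sh <stack-name> <template-file>
if [ "$#" -eq 2 ]; then
  deploy_partition_stack "$1" "$2" && generate_access_key
fi
```

Select the target partition's credentials and region with the AWS CLI's usual AWS_PROFILE and AWS_DEFAULT_REGION environment variables before running it.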