Add the Kion Service Role
If you're using AWS, you added a service role to your AWS management account as part of the AWS Quickstart process when you set up Kion. You may need to add it again for accounts in the future, depending on how you add your accounts.
The service role is implemented via an AWS CloudFormation template. It creates an AWS IAM role with a trust policy that allows Kion to access the account's data.
To add the Kion service role to your AWS management account:
- In your AWS management account, navigate to the AWS CloudFormation service.
- Click Create Stack.
- Upload the AWS CloudFormation template. It can be downloaded within Kion on the page where you add an AWS account for non-management accounts, as shown in the screenshot below. See the AWS Management Account Setup Guide for a template for your AWS management account. Scroll to the bottom of the article and download the attached file named billing-role-full-access.json.
- Name the stack:
- Replace the AWS account with the AWS account number where Kion is installed.
- Follow the remainder of the prompts.