AWS Cloud Account Onboarding: Post-Onboarding Steps
Learn what configurations need to be made after you've onboarded your AWS cloud account(s) successfully into CoreStack,
Overview
Once you complete the previous onboarding steps , your newly onboarded AWS cloud account will be displayed on the screen, on the Account Governance main dashboard.
Configure standard permissions in your cloud account post-onboarding
Click on View > View Settings to configure the standard permissions.


Mandatory Permissions for Configuring the AWS WAF:
- config:DescribeConfigRuleEvaluationStatus
- config:DescribeConfigurationRecorders
- config:GetComplianceDetailsByConfigRule
- config:PutConfigRule
- config:PutEvaluations
- iam:GetRole
- lambda:AddPermission
- lambda:CreateFunction
- lambda:DeleteFunction
Optional Permissions:
- config:DeleteConfigRule
- wellarchitected:CreateWorkload
- wellarchitected:GetWorkload
- wellarchitected:ListWorkloads
- wellarchitected:UpdateAnswer
- wellarchitected:UpdateWorkload
Note:
- Lambda permissions must be enabled in the AWS portal
- Config recorder must be enabled in the AWS portal
- IAM get role must be enabled in the AWS portal


If Config recorder is not enabled, then you need to enable it from the AWS console.
To do this, navigate to AWS Config > Recorder in the AWS portal.
Updated 10 months ago