Creating Audit and Log Archive AWS Accounts

Introduction

You will need to create Audit and Log Archive accounts inside AWS Organizations. (NX1 uses AWS Organizations to manage your AWS accounts.)

The steps below walk through creating one member account; you will go through them twice, once for the Audit account and once for the Log Archive account.

Creating an AWS account within your AWS Organizations

To start, sign in to the AWS Management Console with your organization's management account; only the management account can create member accounts.

(You must sign in as an IAM principal that has the AWS Organizations permissions listed below, or as the root user of the management account.)

Once signed in, you can create member accounts that are placed directly in your organization; no invitation or acceptance step is needed.

The information listed below is automatically copied from the management account to the new member account:

  • Account name
  • Phone number
  • Company name
  • Customer URL
  • Company contact email
  • Communication language
  • Marketplace (vendor of the account in some AWS Regions)

To create a member account in your organization, the principal you sign in with must have the following permissions:

  • organizations:CreateAccount
  • organizations:DescribeOrganization – required only when using the Organizations console
  • iam:CreateServiceLinkedRole – so that AWS Organizations (principal organizations.amazonaws.com) can create the service-linked role it needs in the new member account. Scope this permission with a condition on iam:AWSServiceName equal to organizations.amazonaws.com rather than granting it for every service.
  • Access to the AWS Management Console, if you create the account through the console rather than the API or CLI

To create an AWS account that is automatically part of your organization, go to AWS Organizations > AWS accounts and click ‘Add an AWS account’.

Creating the Audit AWS Account

Under the ‘Add an AWS Account’ form, choose ‘Create an AWS account’ (not ‘Invite an existing AWS account’) and fill out the following fields:

  1. For AWS account name, enter Audit or a similar name.
  2. For Email address of the account's owner, enter the address that will own the account. It becomes the sign-in name of the account's root user, so it cannot already be associated with any other AWS account; a reused address makes the request fail with the reason EMAIL_ALREADY_EXISTS. Use a dedicated mailbox or distribution list controlled by your organization (for example aws-audit@your-domain) rather than an individual's address, so that root password recovery does not depend on one person.
  3. For IAM role name, leave the default, OrganizationAccountAccessRole. This role is created in the new account with administrator access and trusts the management account; it is how the management account administers the member account.

After the account is created, it appears under AWS Organizations > AWS accounts with the name you chose. Copy its 12-digit Account ID to a safe location because we will need it later when setting up NX1. The new account's root user starts with a random password that cannot be retrieved; if you ever need root access, use the password-recovery flow with the owner email address, and enable MFA on the root user when you do.

Creating the Log Archive AWS Account

Follow the same instructions as for the Audit account, but for AWS account name enter Log Archive or a similar name, and give it its own owner email address (the Audit account's address cannot be reused).

After the account is created, under Organizations you should see a new account there with the name chosen. Copy the Account ID to a secure location because we will need it later when setting up NX1.
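The same two-account procedure, scripted against the AWS Organizations API for teams that would rather not click through the console. This is an added example and not NX1's or AWS's own code: it uses boto3's organizations client (the create_account, describe_create_account_status and list_accounts calls), while the account names, the example.com addresses and the FakeOrganizations class used to run it offline are constructed for illustration. It pre-checks the owner email against accounts already in the organization, polls the asynchronous creation request, and surfaces the EMAIL_ALREADY_EXISTS failure that the console would otherwise show you:

```python
"""Create the Audit and Log Archive member accounts through the AWS Organizations API.

Added example, not NX1's or AWS's own code. It targets boto3's `organizations`
client; the account names, the example.com addresses and the FakeOrganizations
client used to run it offline are constructed for illustration.
"""
import time

# Default IAM role name the console pre-fills: created in the new account with
# administrator access and trusted by the management account.
DEFAULT_ROLE = "OrganizationAccountAccessRole"


def existing_emails(org):
    """Return the lower-cased root e-mail of every account already in the organization."""
    emails, kwargs = set(), {}
    while True:
        page = org.list_accounts(**kwargs)
        emails.update(acct["Email"].lower() for acct in page["Accounts"])
        if not page.get("NextToken"):
            return emails
        kwargs = {"NextToken": page["NextToken"]}


def create_member_account(org, name, email, role_name=DEFAULT_ROLE,
                          poll_seconds=5, max_polls=60, sleep=time.sleep):
    """Create one member account and return its 12-digit account ID.

    The e-mail becomes the root user's sign-in name and must be unique across all of
    AWS. Reuse inside this organization is rejected before any request is made; reuse
    by an account outside it only shows up as a FAILED request whose FailureReason is
    EMAIL_ALREADY_EXISTS, which is raised below.
    """
    if email.lower() in existing_emails(org):
        raise ValueError(f"{email} already belongs to an account in this organization")

    status = org.create_account(
        Email=email, AccountName=name, RoleName=role_name,
        IamUserAccessToBilling="DENY",  # keep billing data with the root user only
    )["CreateAccountStatus"]

    # Creation is asynchronous: poll the request until it succeeds or fails.
    for _ in range(max_polls):
        if status["State"] == "SUCCEEDED":
            return status["AccountId"]
        if status["State"] == "FAILED":
            raise RuntimeError(f"creating {name!r} failed: {status.get('FailureReason')}")
        sleep(poll_seconds)
        status = org.describe_create_account_status(
            CreateAccountRequestId=status["Id"])["CreateAccountStatus"]
    raise TimeoutError(f"request for {name!r} still {status['State']} after polling")


def create_nx1_accounts(org, audit_email, log_archive_email, **kwargs):
    """Create both accounts and return {account name: account ID} for the NX1 setup."""
    return {name: create_member_account(org, name, email, **kwargs)
            for name, email in (("Audit", audit_email), ("Log Archive", log_archive_email))}


class FakeOrganizations:
    """Constructed stand-in for boto3's client so the example runs offline.

    `member_emails` belong to accounts already in the organization; `global_emails`
    are taken by accounts elsewhere in AWS, which the real service only reports by
    failing the request, here on the first poll.
    """
    def __init__(self, member_emails=(), global_emails=()):
        self.accounts = [{"Id": "111111111111", "Name": "management", "Email": e}
                         for e in member_emails]
        self.global_emails = {e.lower() for e in global_emails}
        self.requests, self.request_email = {}, {}

    def list_accounts(self, **_):
        return {"Accounts": list(self.accounts)}

    def create_account(self, Email, AccountName, RoleName, IamUserAccessToBilling):
        rid = f"car-{len(self.requests) + 1:032x}"
        self.requests[rid] = {"Id": rid, "AccountName": AccountName, "State": "IN_PROGRESS"}
        self.request_email[rid] = Email
        return {"CreateAccountStatus": dict(self.requests[rid])}

    def describe_create_account_status(self, CreateAccountRequestId):
        req = self.requests[CreateAccountRequestId]
        email = self.request_email[CreateAccountRequestId]
        if req["State"] == "IN_PROGRESS":
            if email.lower() in self.global_emails:
                req.update(State="FAILED", FailureReason="EMAIL_ALREADY_EXISTS")
            else:  # hand out 222..., 333..., ... as fake 12-digit account IDs
                done = sum(r["State"] == "SUCCEEDED" for r in self.requests.values())
                account_id = str(222222222222 + 111111111111 * done)
                req.update(State="SUCCEEDED", AccountId=account_id)
                self.accounts.append({"Id": account_id, "Name": req["AccountName"],
                                      "Email": email})
        return {"CreateAccountStatus": dict(req)}


if __name__ == "__main__":
    # Against a real organization, pass boto3.client("organizations") instead of the
    # fake while signed in to the management account.
    demo = FakeOrganizations(member_emails=["aws-root@example.com"])
    print(create_nx1_accounts(demo, "aws-audit@example.com",
                              "aws-log-archive@example.com", sleep=lambda s: None))
```

The returned dictionary holds the two Account IDs you record for the NX1 setup. The `sleep` parameter exists only so the polling loop can be exercised without waiting; leave it at its default for a real run, where account creation usually settles within a minute or two.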