Reduce permission access for NX1

Reduce permission access for NX1

Manage NX1 access to environments

⚠️
Reducing the access that NX1 has to your AWS account still allows Citadel to read data.
Removing permission to NX1 to deploy any resource to your account.

Reduce access to not allow deployments in the AWS Console on the Management Account

  • Log in to your AWS Management Account using an Administrator role or through SSO;
  • Select the Region US East (N. Virginia) - us-east-1;
  • Go to CloudFormation resource and select Stacks
  • In the filter by stack name, look for citadel-master-access
  • Select the Stack
⚠️
Make sure you want to remove access from NX1. NX1 will no longer manage your account.
  • Select Update followed by the option Use the same template
  • Click Next
  • Select Disable in the AllowDeployment” parameter.
    • image
  • Click Next > Next > Submit.

To give back the permission to deploy resources into your infrastructure, Follow those steps and change the option AllowDeployment” to enable .

Reduce permission access for NX1 to ReadOnly in the AWS Account (Environment)

  • Log in to your AWS Management Account using an Administrator role or through SSO;
  • Select the Region US East (N. Virginia) - us-east-1;
  • Go to CloudFormation resource and select Stacks
  • In the filter by stack name, look for citadel-account-access-<account-number>
  • Select the Stack
  • Select Update followed by the option Use the same template
  • Click Next
  • Select Disable in the AllowDeployment” parameter if you want to remove permissions to deploy in the AWS account
  • Select true in the ReadOnly parameter if you want to restrict NX1 access to read-only to the AWS account
    • image
  • Click Next > Next > Submit.