As part of our services we need access to hoster`s management console. In case of Amazon Web Services (AWS) it is Amazon management console and we ask all our customers to create IAM cross-account role for Forthscale support team.

To do that, please log in AWS console

https://console.aws.amazon.com/console/home?#

Once you are logged in you AWS account, click on “Services” and choose “IAM” or search for "IAM":

You will be presented with IAM control panel. Switch to "Roles" in the left menu and create new role:

In the first screen of role creation wizard select "Another AWS account", fill in Forthscale AWS account ID 392591718652 and select "Require MFA" for extra security. Please don't select "Require external ID" as it will prevent us from working via API tools(as scripting) and CLI.

On the second wizard screen select permissions for Forthscale role. Depending on the project details you can select specific permissions or regions. In most support plans you will require to select "AdministratorAccess" policy.

The fourth screen is for your internal use, add tags for the role for better internal management:

In the last screen you required to give role name and can write internal description(optional). For the role name we suggest "fs-support", to align our internal policy:

Once the role is created you can see it in your roles list.

Last step is provide us information about your AWS account and the new role, create new ticket with the following information:

• AWS Account ID (can be found in AWS Support Center)
• Role name you have created (probably "fs-support")