Login
    Contents x
    Enable AWS Cloud Slice Support
    • 10 Sep 2024
    • 3 Minutes to read
    • Print
    Contents

    Enable AWS Cloud Slice Support

    • Updated on 10 Sep 2024
    • 3 Minutes to read
    • Print
    Article summary

    This document explains how to give the Skillable Studio platform permissions to each Amazon Web Services account that it will use, enabling labs to use those accounts when creating Cloud Slices.

    The following are required to use AWS Cloud Slice with Skillable Studio:

    • AWS account: must be a root account that can be set up as an organization. It cannot be a sub-account from an existing organization.

    • Billing must be set up on the account

    • An IAM User Account must be created

      Use a Dedicated Account

      It is highly recommended to use an AWS account that is dedicated to Cloud Slice lab use. This account should not be an extension of your organization's production AWS account that may be used for other purposes.

    Enable Cloud Slice support in your AWS Account(s)

    To enable Cloud Slice support, you must perform the following tasks once in each AWS Account that you want to use with Skillable Studio:

    1. Navigate to the AWS Portal.

    2. Click sign in to the console.

      Sign in to the console button

    3. If you already have an AWS account, enter your credentials. If you do not have an account, click Create a new AWS account.

    4. Go to Organization by clicking on your username in the upper-right corner.

      Select Organization

    5. Click Create Organization and create an organization.

    6. Once the organization is set up click on the Policies tab at the top of the page.

    7. Click the Service control policies option.

      Select AWS Service Control policies

    8. Click the button to  Enable service control policies.

    IAM User Creation

    1. Click the AWS icon in the upper-left corner to return home.

    2. Under Find Services, search for IAM.

      search for iam

    3. Click IAM.

    4. Click Users on the left side of the page.

    5. Click Create user.

    6. Enter a name for the user. I.E. SkillableStudioAPI. The naming doesn't really matter, as long as the lab author will recognize it later.

    7. Click Next: permissions.

    8. Under Set Permissions, select Attach policies directly.

    9. In the Filter Policies field, search for Org.

    10. Click the checkbox to select AWSOrganizationsFullAccess. AWSOrganizationsFullAccess being assigned is required, so that the Skillable Studio service account can manage the organization created in previous steps.

      Select AWS Organization Full Access

    11. In the Filter Policies field, search for Admin

    12. Click the checkbox to select AdministratorAccess. This will allow Skillable Studio service account full access to manage the root AWS Account.

      Select Administrator Access

    13. Click Next: tags.

    14. Click Next: review.

    15. Click Create user.

      Create User button

    16. Click the User name of the user we just created.

    17. Click on the Security credentials tab. Scroll down to the Access keys section and click Create access key.

      Create Access Key button

    18. Select the Third-party service option and then check the confirmation box.

    19. If desired, add an optional description to the key and then proceed to the next page.

    Record your Access key and Secret access key in a secure location. Once this page is closed, you will not be able to obtain this information again. If it is lost, the access key must be recreated from the user account settings.

    Increase Maximum Amount of Accounts

    Next, we need to increase the maximum amount of accounts that can be created. If you expect 20 lab users, you will need 20 accounts. It is a good idea to increase this amount to allow more accounts than needed, to ensure future events will be supported, or if more lab users join the event. A new ticket with AWS will need to be created each time this needs increased.

    only 10 total accounts can exist within an AWS Organization by default. This includes the management account and then 9 member accounts.

    To increase the maximum amount of accounts that can be created:

    1. Click the question mark in the upper-right corner of the page.

    2. Click Support Center.

      AWS Support Center link

    3. Click Create Case. d

    4. Click "Looking for service quota increases?".

      Looking for service quota increase link

    5. Under Service, select Organizations

    6. Under Requests; Quota, select Number of accounts.

      Requests field - enter new limit value

    7. Enter the number of accounts for the upper limit to be increased to.

    8. Under Case Description, enter a justification, or explanation of why you are increasing the number of accounts.

    9. Under Contact Options, select web. If you prefer, you may select a different language.

      Contact Options with Web selected

    10. Click Submit.

    AWS generally responds within 24 hours, notifying that the case has been completed and limits are increased. The ticket confirmation is needed before setting up AWS Cloud Slice in Skillable Studio.

    Once you have completed the above steps, and AWS has confirmed the maximum amount of accounts has been increased, you will need to set up your Cloud Slice labs in Skillable Studio.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout