As part of Cloudrail’s context-aware analysis, we prefer to have access to a cloud account where you that may be used for your Terraform files. If you would just like to evaluate your Terraform file, you can onboard an empty cloud account. We prefer to have access to a cloud account so that we can identify blindspots where the cloud environment is not defined.
We currently support Amazon AWS, with Azure, GCP on the way in 2021!
Adding a cloud account in AWS
Need Picture for Add Cloud Account Wizard
As a security best practice, Cloudrail does not allow you to create your own custom External ID. However, Cloudrail can provide a unique External ID for each cloud account.
To onboard your cloud account, we have provided a Terraform and Cloudformation template to make this step easy for you.
To simplify your onboarding, we highly recommend using Terraform. When you run “terraform apply”, Terraform will be instructed to send an API call to us, informing us of a successful deployment with your account ID information. This allows Cloudrail to have a fully automated process when you onboard a cloud account.
NOTE: the Terraform file can be repurposed into existing Terraform files. Often times, we have seen users repurpose our Terraform into their own “New Account” Terraform modules.