Overall AUTOMATE+ enables the following AWS services (If not already setup):
Security Hub
AWS Config
And we leverage:
IAM Roles/Policies
SSM Documents/Parameters
EventBridge Rules
Cloudwatch log groups
Step Functions
SNS topics
KMS keys
S3 buckets
AUTOMATE+ has a few key requirements in order for a deployment to progress smoothly, we attempt to highlight the main ones below;
Note: A Cross Account Role is required during deployment, find more information on this here.
IAM user requirements during deployment
During deployment an IAM user is required to:
a) Be logged into the relevant AWS account
b) Have permissions to deploy AWS CloudFormation Stacks
c) Appropriate permissions in order to deploy & configure the related AWS native services for AUTOMATE+ to function.
IAM role requirements
AUTOMATE+ deploys a number of roles which are required in order to facilitate automation post deployment.
These roles are visible within your AWS Account.
The deployed roles have the following name suffixes:
a) six-pillars-aws-security
b) SO0111
c) AWSServiceRole
d) AWS-QuickSetup-StackSet
Should you experience any issues while deploying AUTOMATE+, please contact us at support@6pillars.ai and we will be able to assist.