Guides
System StatusRaise a TicketZluri Website
Start typing to search…

Connect

This guide explains how to integrate your AWS account with Zluri using secure role-based access and credentials

Prerequisites

Before starting the integration, ensure the following:

  • Admin access to the AWS Management Console.
  • Permission to create and manage IAM roles.
  • Zluri account with access to the AWS integration page.

Steps to Connect

Step 1: Log in to Zluri

  1. Open your Zluri dashboard.
  2. Navigate to Sources → Integrations → Browse Catalog.
  3. Search for AWS and click ➕ Connect.

Step 2: Authorize the Integration in AWS

  1. Integration with AWS requires authorization from an AWS Administrator.

  2. If you have AWS Admin credentials, authorize the connection yourself.

  3. If needed, send an invitation to a co-worker with AWS Admin privileges to complete the authorization.

    AWS Admin Invite

  4. To invite a co-worker:

    • Enter their name, email, and an optional note.
    • Zluri will send them an invite link with a unique Connect Code.
    Co-worker Invitation

Step 3: Get the External ID and Role ARN from AWS

  1. Log in to the AWS Management Console.

  2. Navigate to IAMRoles.

  3. Click Create Role.

    Create Role in AWS

  4. Select Another AWS account as the trusted entity type.

  5. Enter the Zluri AWS account ID: 908321198367.

  6. In the Options section, select Require external ID.

  7. Set the External ID to the value provided on the AWS integration page in Zluri.

  8. Click Next to continue.

Step 4: Attach Required Policies

  1. On the Permissions page, click Add Permissions and choose Attach policies.

  2. Search and select the following policies to grant Zluri required access:

    • AWSOrganizationsReadOnlyAccess
    • AWSSSOReadOnly
    • AWSSSODirectoryReadOnly

    Optional (for billing data):

    • Select Create Policies if you wish to grant Zluri access to billing data.
    • Choose Cost Explorer Service, set the access level to Read, and select All resources.

    What does the ‘Read billing info’ scope in AWS integration give us?
    Zluri utilizes this scope/permission to fetch all bills from AWS from the last month. These bills are then processed as subscriptions. The subscriptions will appear under the Subscriptions tab in Zluri.

    Create Billing Policy

  3. Name the policy and click Create Policy.

    Policy Creation

  4. Attach the created policy to the role.

    Attach Policy

Step 5: Retrieve Role ARN and External ID

  1. On the Role Summary page, copy the Role ARN.

    • This is needed for Zluri.
    Copy Role ARN

  2. Click on Trust relationships to view and copy the External ID.

    View External ID

Step 6: Complete the Integration in Zluri

  1. Log in to Zluri.
  2. Navigate to Sources → Integrations → AWS.
  3. Paste the following details into the integration form:
    • Role ARN (from Step 5)
    • External ID (from Step 5)
    • AWS Region (e.g., us-west-1, eu-central-1)
  4. Click Connect to complete the integration.

Uninstallation

To uninstall the AWS integration:

  1. Go to the Integrations tab in Zluri.
  2. Hover over the AWS Integration and click More Info.
  3. Click Disconnect to remove the integration.

Integration Complete
Zluri is now connected to AWS, and data will begin syncing automatically.

Got questions? Feel free to submit a ticket or contact us directly at [email protected].


Updated about 13 hours ago