Skip to main content

How to integrate my AWS cloud manually

You are here:
← All topics

It’s very simple, takes less than 10 minutes! 

Follow the steps to integrate your AWS cloud with CleanCloud: 

1. Integration must be done through your root account to access cost data. Don’t worry, linked accounts are automatically brought.

2. In CleanCloud, click the cloud menu at the top right and select add. 

3. Select AWS and Continue

4. Type a name for your cloud and click on Continue.

5. Here it is necessary to create IAM policies with the permissions to integrate the AWS cloud with CleanCloud. To do this, on the CleanCloud panel click on View policy here. 

6. Click the copy icon to copy the AWS policy JSON  that will be created.

7. In a new browser tab, navigate to the IAM Management Policies page. Then select the Create policy button (Services> IAM> Policies> Create policy).

8. On the Create Policy page, paste the code copied in the previous step into the JSON tab. Click the Review policy button.

9. Type a name for the new policy and click the Create policy button.

10. Repeat the same process to create the second Billing policy and don’t forget to include the name of the bucket you want to reference in JSON. Then click on the Create Policy button.

After creating the two new policies, it is necessary to attach them to a new IAM role.

11. In a new browser tab, access your AWS console and go to IAM Management Roles page. There, select the Create Role button. (Services > IAM > Roles > Create Role)

12.Click another AWS Account as Trusted entity type.

13. Back at the CleanCloud page, copy the Account ID and past it into the AWS page in the Account ID field. Select the Require External ID option and copy the External ID from the CleanCloud page and past it into the External ID option. Keep this page open for the next steps. Leave the Require MFA option unchecked and select Next: Permissions 

> CleanCloud page

> AWS page

14. In the Attach permissions policies, enter the name of the first policy created and check the checkbox, repeat the process for the second policy as well and click Next.

15. Leave this screen blank and select Next: Review. 

16. Type CleanCloudApp as the role name. Optional to put a description for it. Check that the two policies created previously are attached to the role and then click Create Role to finish.

17. Back to the Role page, click on the newly created Role – CleanCloudApp – to access your data. 

18. Copy the ARN Role from the AWS page and paste it on the ARN Role on the CleanCloud page.

> AWS page

> CleanCloud page


You have completed the first part of the integration, congratulations! 

In the next steps you will create a report in a defined bucket for CleanCloud to collect and analyze data and provide full visibility of your AWS billing. 

19. Returning to the AWS page, navigate to the Reports page in the Billing management console and select Create Report. 

20. On the report creation page, type the name “CleanCloudReport”  and select Include resource IDs and Automatically update your report options. Click on Next. 

21. Click Configure to create a new bucket on your S3 where the report will be saved.

22. In the window that opens, choose Create a Bucket. As Bucket S3 name put “mycompany-report-cleancloud” and select a region where you prefer. Then click Next. 

23. Confirm the security policy that gives AWS permission to record or archive a report inside the newly created bucket. Click on Save. 

24. You will return to the report configuration page. First validate the Bucket you created, then fill the Report Path Prefix with CleanCloud. Select Hourly Granularity and Report Versioning to Create a New Version, and finally choose Compression Type as GZIP. Click Next. Obs: Bucket must appear as valid. 

25. Review the available information and complete to finalize report creation. 

26. Select Cost and Usage Report and click the CleanCloudReport

27. Copy the text displayed in the Report Path Prefix field

28. Finally you must enable tags for cost reporting. Go to the Cost Allocation Tags page in the cost management console. On the User-defined cost allocation tags tab, select all tags and click Activate. (Services > Billing > Cost allocation tags) 

If you have a lot of tags, click the settings icon and in the table size, select the option with the largest number of items and confirm. This way it is possible to enable all tags without accessing each page separately (ex: 1, 2, and 3).

29. Back at the CleanCloud page, in the S3 bucket field, type the name of the bucket created “mycompany-report-cleancloud”, and paste the copied prefix in the Report path field. Then click Continue. 

30. Finally on CleanCloud page, click Stat optimization and you’re done! 



Your AWS cloud is integrated with CleanCloud and within 24 hours you’ll have access to all cost saving recommendations. 

Close Menu