Skip to main content
Skip table of contents

AWS Account Onboarding Security FAQs

As part of our commitment to a smooth and secure onboarding process, we've prepared the following FAQs to help address any queries you might have about AWS account onboarding with DigitalEx. 

Q1: What is the process for onboarding an AWS account with DigitalEx?

In AWS, there are two main types of accounts:

  • Management Account (Payer/Master account)

  • Member Account

In DigitalEx, the Management Account is onboarded as a billing account and Member Accounts as usage accounts. These can be onboarded either using AWS CloudFormation templates or manually with a step-by-step guide.

Q2: What is a billing account and why does DigitalEx need it?

In DigitalEx, a "billing account" refers to the AWS Management Account. It provides access to cost data, allowing the DigitalEx platform to perform analysis, waste identification, budget management, and mre. 

Q3: What is a usage account and why does DigitalEx need it?

A "usage account," a term used by DigitalEx, refers to AWS Member Accounts. We recommend onboarding all of them as usage accounts in DigitalEx. This allows real-time resource inventory across all your accounts, cost analysis of resources over time, identification of unused resources, and more.

Q4: How do I access the guide for onboarding my billing account?

The guide for onboarding your billing account is available at this link: AWS Billing Account Onboarding Guide

Q5: How do I access the guide for onboarding my usage account?

The guide for onboarding your usage account can be found at this link: AWS Usage Account Onboarding Guide 

Q6: Is it secure to onboard my AWS account with DigitalEx? If so, why?

Yes, DigitalEx has implemented strict measures to ensure the security of your account and data. We use role-based access for AWS accounts, secured by a trust relationship between DigitalEx and the client's AWS account. The secret keys generated in this way are temporary and cannot be reused. DigitalEx only has read access to the S3 bucket storing AWS CUR reports and AWS Config snapshots, and CloudWatch metrics.

Q7: How does billing account onboarding using AWS CloudFormation work?

We've created a one-click onboarding automation to streamline the process and eliminate potential errors. During execution, we check for existing AWS Cost and Usage Reports (AWS CUR) and create one if not available. We also set up an IAM role granting DigitalEx read-only access to the CUR reports stored in the bucket. You can check out the template here.

Q8: How does usage account onboarding using AWS CloudFormation work?

Our one-click onboarding automation simplifies the process. If AWS Control Tower is set up, we utilize its configuration to retrieve AWS Config snapshots. If not, we set up the AWS Config service and an SNS topic for resource snapshots and real-time updates. Finally, we set up an IAM role granting DigitalEx read-only access to the bucket storing AWS Config snapshots. You can check out the template here.

Your cooperation with these guidelines will significantly enhance the onboarding process, ensuring we can provide the best possible service.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close