- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Connecting your AWS accounts to Cloudcraft allows you to visualize your infrastructure by reverse-engineering the live environment’s service relationships into a system architecture diagram. In addition to automatically generating diagrams, a budget model will also be created, and your imported components will display live status data directly in your diagrams. There is no limit on the number of AWS accounts you can connect to Cloudcraft.
Note: For AWS organizations, you must manually add the Cloudcraft role to each individual account in the organization.
This article walks you through connecting your AWS account to Cloudcraft.
Cloudcraft uses a cross-account role to securely access your AWS environment. As a result, you need to create a Cloudcraft-specific, read-only role in your AWS account. This role can be revoked at any time.
If having a read-only role with access to all components isn’t permissible or violates your company’s policies, you also have the option to attach a stricter minimal access policy, only giving read-only access to the resources you want to use with Cloudcraft, further minimizing the amount of data the role can access.
Cloudcraft doesn’t keep any of the live data from your AWS environment. Instead, it stores ARNs, which are unique identifiers for resources in AWS. This allows the application to link live data to components at runtime.
The data from your AWS environment is streamed in real-time to your browser via Cloudcraft’s own AWS environment via role-based access, and is only stored client-side while you are using the application. When you close the application, the live data is deleted.
While not having write access to your account prevents Cloudcraft from offering certain features—like deleting an EC2 instance on both the diagram and your account—it’s simply a more secure approach.
Cloudcraft implements rigorous security processes and controls for the SOC2 compliance program. You can read more about Cloudcraft’s security program and controls on the security page.
cloudcraft
role from the list of roles. On the Summary page, copy the Role ARN.To edit an account, click the gray pencil icon to the left of the account you want to edit. You can change details of the account, such as the name, ARN, and team access.
When you are done, click Save Account.
To remove an account, click the trash can icon to the right of the account you want to remove, then click Remove.