Cloud Control: AWS Target Setup

Document created by thodoris77 Expert on Oct 10, 2016Last modified by Anson McCook on Oct 31, 2017
Version 11Show Document
  • View in full screen mode

**This document is a part of the Cloud Control Setup Overview [Start Here] . Targeting Public Cloud providers requires a license key that includes those features. If you are not able to add AWS, Azure or Softlayer with your current license please reach out to for more information.**



In order to connect Turbonomic to an AWS instance, follow the steps below:


  1. Create a user account (take note of the Access Key ID and the Secret Access Key)
  2. Assign the correct permissions
  3. Add the Target to Turbonomic

Create User Account


  1. Login into the AWS Service and select IAM (Identity and Access Management) from the Services menu

  2. Click on Users and Create a new User Account.

  3. Enter the User name. Make sure that "Programmatic access" is checked.


Assign Permissions


1. On the Permissions section click "Assign existing policies directly"


2. In order for Turbonomic to be able execute decisions in AWS, FullAccess is required. Optionally, you can choose to use ReadOnly credentials which will allow Turbonomic to monitor and recommend actions, but not be able to execute them.


To execute Turbonomic actions, the following permissions are required:

  • AmazonEC2FullAccess
  • AmazonS3ReadOnlyAccess
  • AmazonRDSFullAcess

For least-privilege access (monitoring and recommendations), the following permissions are required:

  • AmazonEC2ReadOnlyAccess
  • AmazonS3ReadOnlyAccess
  • AmazonRDSReadOnlyAccess 





3. Review the assigned permissions and select "Create user"


4. Take note of the Access Key ID and the Secret Access Key.
(copy and paste into a text document or download the csv file)
This information will not be displayed again, so if you don't take note of it now, you will have to create a new Access Key.




Add the Target to Turbonomic


1. On the Targets Menu, Select AWS under Cloud Management


For Address, you can enter "" OR provide any name you prefer to use to identify your AWS account (ie DevTest, Production). This is helpful if you have multiple AWS accounts.

Username: Access Key ID

Password: Access Key Secret


Screenshot at Oct 10 13-53-29.png

11 people found this helpful