With Master AWS Account, you can automatically add all the Linked AWS Accounts in your organization in the vRealize Network Insight. .
- Configure the organization firewall for AWS API access. See Firewall Configuration for AWS API Access.
- Create a master account policy for the Master AWS Account and a linked account policy for all the Linked AWS Accounts. See Create a Master and Linked Account Policy. .
- In all the Linked AWS Accounts, add a role to trust the Master AWS Account that you want to add in vRealize Network Insight and attach the linked account policy. See Create a Role in AWS.
- Create a user in the Master AWS Account. See Create a User in AWS Account.
- Log in to vRealize Network Insight.
- Go to .
- Under the Public Clouds section, click Amazon Web Services .
- Select the Collector (Proxy) VM.
- Enter your Amazon Access Key ID and corresponding Secret Access Key.
Note: Your Amazon Access Key ID is a 20-digit string with a corresponding Secret Access Key that you create in the AWS console. For more details, see http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html .This process takes around 15–20 minutes for adding and displaying your account data .
- Click Validate.
If the number of VMs discovered exceeds the capacity of the platform or a proxy node or both, the validation fails. You will not be allowed to add a data source until you increase the brick size of the platform or create a cluster.The specified capacity for each brick size with and without flows is as follows:
Brick Size VMs State of Flows Large 6k Enabled Large 10k Disabled Medium 3k Enabled Medium 6k Disabled
- After you have validated your AWS account, select the Add Linked Accounts Automatically (Only for Master Account) check box .
- In Role ARN, enter the Role ARN of the Linked AWS account to trust the Master AWS Account .
For information on Role ARN, see Amazon Resource Names (ARNs) and AWS Service Namespaces .
- Enter Nickname and Notes (if any) for the data source .
- Click Submit.
vRealize Network Insight validates Role ARN and adds the account . If the validation fails, the system prompts you for confirmation.