Integration with AWS

To provide data tailored to your organization, we require limited, read-only access to information about your AWS infrastructure.

This is done securely using AWS's Identity and Access Management (IAM) with two policies: a permissions policy and a trust policy. The permissions policy defines what actions a trusted user can take (like listing EC2 instances and VPCs), and the trust policy adds Cased as a trusted user. We list all the permissions below in the policy statement.

  1. Sign in to the AWS Management Console

  • Sign in to your AWS Management Console.

  • Navigate to the IAM service.

  1. Create a new permissions policy for Cased

  • Click on "Policies" on the left-hand navigation pane

  • Click on the "Create policy" button.

  • Switch to JSON editor instead of visual.

  • Paste the following JSON, then click "Next" and give the policy a name (CasedPolicy) and description. Then click "Create policy".

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
            "Resource": "*"
  1. Create a new IAM Role

  • Click on "Roles" in the left-hand navigation pane, then click on the "Create role" button.

  1. Specify Trusted Entity

  • On the "Create role" page, select "AWS Account", and then "Another AWS account" as the trusted entity type, and provide our AWS account ID: 495860673956. Click "Next."

  1. Attach Permissions Policy

  • Now, search by name for the permissions policy you created earlier.

  • Select this permissions policy (with the checkbox), and click "Next"

  • Now, give the role a name (like "CasedRole") and description, then click "Create role".

  1. Provide Role ARN

  • Almost done! Once the role is created, it will appear in the list of roles in your IAM console.

  • Search for the newly-created role name, and click on it to get a summary view of the role. You'll see the Role ARN at the top of the Summary page. It'll look something like this: arn:aws:iam::995840643156:role/CasedRole

  • Copy and then enter the Role ARN on the AWS Connections page of Cased, making sure to select the correct region as well.

Last updated