MechCloud
  • What is MechCloud?
  • MechCloud Website
  • Launch Portal
  • Links
    • Discord
    • Youtube
    • Blog
    • LinkedIn
    • Twitter
  • Comparison With WordPress
  • Tutorials / Blog Posts
  • Administration
    • Multitenancy
      • Tenant
      • Team
    • Subscriptions
      • Basic
      • Pro
  • Cloud Computing
    • Cloud Accounts
      • Add An Account
        • AWS
        • GCP
        • Azure
      • Configure Regions / Zones
      • Discover Assets
      • Real-time Visualization
        • AWS
          • Tags
          • CloudTrail
        • GCP
  • AI Agents
    • AWS Agent
      • EC2
      • Lightsail
      • Multi-operation Prompts
    • REST API Agent
      • Cloudflare
      • MongoDB Atlas API
  • Website Builder
    • Routing
    • Micro app based architecture
    • Site
    • Site Node
    • Custom Components
      • Frame
      • Layout
      • External Page
      • Component
    • Special Tags
      • <mc-navigation-link>
      • <mc-render-node>
    • Page Designer
      • Single Component Prompts
        • Native HTML tags
        • MechCloud UI Components
        • Demo Components
        • Third Party Components
      • Multi Components Prompts
Powered by GitBook
On this page
  • Configure MechCloud IdP into AWS Account
  • Demo
  • Tutorials

Was this helpful?

  1. AI Agents

AWS Agent

PreviousGCPNextEC2

Last updated 1 month ago

Was this helpful?

AWS agent can be used to manage AWS infrastructure using plain english commands. It does not require storing any short / long term credentials.

You will need to configure MechCloud IdP as an identity provider in AWS in order to make this integration work without AWS API credentials.

Configure MechCloud IdP into AWS Account

Add an identity provider

Go to IAM -> Identity providers and click on Add provider button to add an OIDC identity provider with following details -

Field
Value

Provider URL

Audience

n6dMQlo8ZCE5QxLY4o2KjeBaSn8eefTX

Create an IAM role

Now assign an IAM role to the newly added OIDC provider by following below instructions -

  • Go to IAM -> Identity providers and click on the provider created in the previous section.

  • Click on Assign role button.

  • Select Create a new role radio button.

  • Select following details on the next page and click on Next button -

  • Select permissions policies (e.g. AmazonEC2ReadOnlyAccess) on the next page which you want to assign to this role and click on the Next button.

  • Specify MechCloudWebIdentityRole (or any other name) under Role name on the next page and click on Create role button to create the role. Make sure you replace MechCloudWebIdentityRole in following steps if you decide to use a different name for this role.

  • (IMPORTANT) Make sure that you specify a condition under the Trust relationships tab of MechCloudWebIdentityRole role as shown in the below image so that only users with specific email ids can assume this role. In the absence of this condition, any user who is logged into MechCloud and knows your AWS account number and the role name will be able to assume this role on your AWS account which can result in unexpected charges if you have assigned permissions to provision AWS resources to this role.

  • (IMPORTANT) Also, make sure to revoke existing sessions whenever you remove a user from the condition highlighted above. This will block the access for those users who were removed from the above condition but still have a valid session token.

Demo

Tutorials

  • https://blog.mechcloud.io/how-to-use-mechcloud-chatbot-to-manage-your-aws-ec2-resources

  • https://blog.mechcloud.io/how-to-use-mechcloud-chatbot-to-manage-your-aws-lightsail-resources

https://id.mechcloud.io/