Manual Steps for AWS Account Onboarding

To complete the process, you will need to follow these steps:

Completing Steps in the AWS Partner Network Portal

To proceed, you must add a payer in Channel Management and select the Custom Support offering in the AWS Partner Network (APN) Portal. Follow these steps to complete the process:

  1. Log in to the AWS Partner Network portal.

  2. Go to Channel Management and click Add.

  3. Provide the following Program Management Account information.

    1. AWS Account ID.

    2. Program Name.

    3. Account Model - End Customer.

  4. Select the Custom Support offering.

  5. Set up the invoicing Information.

  6. Wait for the email confirming the successful onboarding.

Completing Steps in the Customer AWS Console

When onboarding a new AWS account, additional steps must be completed in the Customer AWS Console.

Note:
- These steps can only be performed after the account has been onboarded by the provider in AWS Partner Network Portal.
- In the case of imported accounts, some of the steps described below may already be completed. In such cases, simply verify that all required actions have been taken.

Important: Since these actions must be performed in the Customer AWS Console, they should be completed either by the customer or by a provider using an IAM user with the AdministratorAccess policy. If a provider performs these steps, the IAM user must be deleted after the account is imported.

Log in to the Customer AWS Console and complete the following steps:

  1. Update the email address in Payment Preferences.

  2. Activate EC2. To do that, follow these steps:

    1. Click any link in the AWS Account to access the activation screen.

    2. Click Complete your AWS Registration.

    3. Provide a phone number (used by AWS for support-related contact).

  3. On AWS Cost Management > Cost Explorer, launch the Cost Explorer.

  4. Set up the Billing Preferences and enable the Receive PDF invoice by email option.

  5. Go to Account > Payment Preferences to configure the payment currency.

  6. Go to Account > Tax Settings to configure the tax settings and the TRN number.

  7. Optionally, activate the IAM user and role access to Billing information option under Account.

  8. In IAM, create a policy with a name of your choice and the definition provided below:

    Copy 
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "organizations:DescribeAccount",
            "organizations:AttachPolicy",
            "account:GetContactInformation",
            "account:PutContactInformation",
            "account:PutAlternateContact",
            "iam:CreateAccountAlias",
            "iam:CreateUser",
            "iam:AttachUserPolicy",
            "iam:CreateLoginProfile",
            "iam:GetRole",
            "iam:CreateRole",
            "iam:ListAttachedRolePolicies",
            "iam:PutRolePolicy",
            "iam:AttachRolePolicy",
            "iam:PassRole",
            "s3:CreateBucket",
            "s3:PutBucketVersioning",
            "s3:PutReplicationConfiguration",
            "s3:PutBucketPolicy",
            "s3:CreateJob",
            "cur:PutReportDefinition",
            "cur:DescribeReportDefinitions"
          ],
          "Resource": "*"
        }
      ]
    }

  9. On IAM, create an IAM role called OrganizationAccountAccessRole and attach the policy you created previously. To obtain information on how to create an IAM role for another AWS account, click here.

    You can also select Custom Trust Entity during the role creation.

    Below you can find the OrganizationAccountAccessRole trusted entity example. Replace MASTER-AWS-ACCOUNT-ID with the 12-digit format account ID of the CloudBlue service provider AWS account.

    Copy 
    {

        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {
                    "AWS": "arn:aws:iam::MASTER-AWS-ACCOUNT-ID:root"
                },
                "Action": "sts:AssumeRole",
                "Condition": {}
            }
        ]
    }

Additional Steps when Importing Existing AWS Standalone Payers

  1. Go to Organizations to create a new organization.

    Note: This will not be required if an Organization is already created.

    1. Go to Services > AWS Organizations.

    2. Create Organization.

    3. Follow the instructions in the activation email to Activate the Organization.

  2. Go to Account to update contact information and billing and operations alternate contacts.

Steps to be Performed in the AWS Management Extension

Account Pool Management

AWS Management Extension allows you to create a pool of preconfigured AWS accounts to avoid manual operations on each and every order as well as delays for customers.

For additional information, refer to the AWS Management Extension documentation.

Discount and Credit Management

AWS Discounts and Credit Manager provides you with the right tools to perform AWS Rating within CloudBlue without relying on third-party systems. With this suite of tools, you will be able to configure rating at multiple levels with enough granularity, as required by the AWS Refunds and Credit system.

For additional information, refer to the AWS Discount and Credit Manager documentation.

© 2025 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal

CloudBlue, an Ingram Micro business, uses cookies to improve the usability of our site. By continuing to use this site and/or logging in you are accepting the use of these cookies. For more information, visit our Privacy Policy.
I accept