Manual Steps for AWS Account Onboarding

To complete the process, you will need to follow these steps:

Completing Steps in the AWS Partner Network Portal

It is necessary to add a payer to Channel Management and to select the Custom Support offering in the AWS Partner Network Portal. To do this, complete the following steps:

  1. Log in to the AWS Partner Network portal.

  2. Go to Channel Management and click Add.

  3. Provide the following Program Management Account information.

    1. AWS Account ID.

    2. Program Name.

    3. Account Model - End Customer.

  4. Select the Custom Support offering.

  5. Set up the invoicing Information.

  6. Wait for the email confirming the successful onboarding.

Completing Steps in the Customer AWS Console

When onboarding a new AWS account, it is necessary to perform additional steps in the Customer AWS Console.

Note:
- These steps can only be performed once the account has been onboarded by the provider in AWS Partner Network Portal.
- In the case of imported accounts, some of the steps described below may already have been completed. In that case, you should only confirm that everything has been done.

Important: As the actions described in this section are to be performed in the Customer AWS Console, they must be completed either by the customer or by a provider with an IAM user with the "AdministratorAccess" policy. In the latter case, the IAM user must be deleted after the account is imported.

Log in to the Customer AWS Console and complete the following steps:

  1. Update the email address in Payment Preferences.

  2. Activate EC2. To do that, follow these steps:

    1. Click on any link in the AWS Account to go to the activation screen.

    2. Click Complete your AWS Registration.

    3. Provide a phone number (this is the phone number that AWS will call if there is a support issue).

  3. On AWS Cost Management > Cost Explorer, launch the Cost Explorer.

  4. Set up the Billing Preferences and enable the Receive PDF invoice by email option.

  5. Go to Account > Payment Preferences to configure the payment currency.

  6. Go to Account > Tax Settings to configure the tax settings and the TRN number.

  7. Optionally, activate the IAM user and role access to Billing information option under Account.

  8. On IAM, create a policy with any name of your choice and the definition provided below:

    Copy 
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "organizations:DescribeAccount",
            "organizations:AttachPolicy",
            "account:GetContactInformation",
            "account:PutContactInformation",
            "account:PutAlternateContact",
            "iam:CreateAccountAlias",
            "iam:CreateUser",
            "iam:AttachUserPolicy",
            "iam:CreateLoginProfile",
            "iam:GetRole",
            "iam:CreateRole",
            "iam:ListAttachedRolePolicies",
            "iam:PutRolePolicy",
            "iam:AttachRolePolicy",
            "iam:PassRole",
            "s3:CreateBucket",
            "s3:PutBucketVersioning",
            "s3:PutReplicationConfiguration",
            "s3:PutBucketPolicy",
            "s3:CreateJob",
            "cur:PutReportDefinition",
            "cur:DescribeReportDefinitions"
          ],
          "Resource": "*"
        }
      ]
    }

  9. On IAM, create an IAM role called OrganizationAccountAccessRole and attach the policy you created previously. To obtain information on how to create an IAM role for another AWS account, click here.

    You can also select Custom Trust Entity during the role creation.

    Below you can find the OrganizationAccountAccessRole trusted entity example. Replace MASTER-AWS-ACCOUNT-ID with the 12-digit format account ID of the CloudBlue service provider AWS account.

    Copy 
    {

        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {
                    "AWS": "arn:aws:iam::MASTER-AWS-ACCOUNT-ID:root"
                },
                "Action": "sts:AssumeRole",
                "Condition": {}
            }
        ]
    }

Additional Steps when Importing Existing AWS Standalone Payers

  1. Go to Organizations to create a new organization. This will not be required if an Organization is already created.

    1. Go to Services > AWS Organizations.

    2. Create Organization.

    3. Follow the instructions in the activation email to Activate the Organization.

  2. Go to Account to update contact information and billing and operations alternate contacts.

Steps to be Performed in the AWS Management Extension

Account Pool Management

AWS Management Extension allows you to create a pool of preconfigured AWS accounts to avoid manual operations on each and every order as well as delays for customers.

For additional information, refer to the AWS Management Extension documentation.

Discount and Credit Management

AWS Discounts and Credit Manager provides you with the right tools to perform AWS Rating within CloudBlue without relying on third-party systems. With this suite of tools, you will be able to configure rating at multiple levels with enough granularity, as required by the AWS Refunds and Credit system.

For additional information, refer to the AWS Discount and Credit Manager documentation.

© 2025 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal

CloudBlue, an Ingram Micro business, uses cookies to improve the usability of our site. By continuing to use this site and/or logging in you are accepting the use of these cookies. For more information, visit our Privacy Policy.
I accept