How to create a Read Only IAM User

Using a cross account role is AWS best practice and the preferred method to enable Hava to build your environment diagrams and log changes. If you prefer to set up access via a key pair, then follow these instructions.

Log in to your AWS console & open the Services menu.

Select IAM from the Security, Identity & Compliance options :

Select Users :

Click "Add User" :

Enter a memorable User Name and set the access type to "Programmatic Access"

Click "Next Permissions" to move to the set permissions dialogue.

Select "Attach existing policies directly"

Scroll through the policies : locate and select "ReadOnlyAccess" :

Click Next to advance to the "Add tags" dialogue. Skip this step.

Click "Next : Review" to advance to the review screen :

Click "Create User" :

You will get a screen confirming the successful creation of the new user and an Access Key ID and Secret Access Key credentials. You can write these down, however, to ensure accuracy we advise downloading the credentials.csv file and cutting & pasting the user credentials from there.

You now have the necessary user and credentials to connect Hava to your AWS environment.

Open the Hava Environments workspace and select Add Environments :

Enter the Access Key and Secret Key from the previous step and click "Import" :

Hava will now import your environment components, construct the diagrams and start logging changes as they happen.