Skip to main content
The AWS integration discovers IAM users and roles for identity coverage, and parses AWS Marketplace line items to surface third-party SaaS subscriptions billed through your AWS account.

What you’ll need

  • AWS account with permission to create an IAM user (or IAM role for cross-account access).
  • Three minutes.

Set it up

1

Create an IAM user in AWS

In the AWS Console, go to IAM → Users → Add users.
  • Name: axiom-layer-readonly
  • Access type: Programmatic access
On the permissions step, attach the AWS-managed policy ReadOnlyAccess (or use the trimmed policy below if you want least privilege).
2

Save the access key

On the final step, copy the Access key ID and Secret access key. The secret is only shown once.
3

Paste into Layer

In Layer, go to Integrations, find AWS, and click Connect. Paste the Access Key ID, Secret Access Key, and your default region (e.g. us-east-1). Click Connect.
4

Wait for the first sync

The initial sync pulls IAM users, roles, and the last 90 days of Marketplace charges from Cost Explorer. Typically finishes in 10–20 minutes.

Least-privilege policy

If you don’t want to grant ReadOnlyAccess, attach this trimmed policy instead: 
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iam:ListUsers",
        "iam:ListRoles",
        "iam:ListGroups",
        "iam:GetAccountSummary",
        "ce:GetCostAndUsage",
        "ce:GetDimensionValues",
        "organizations:DescribeOrganization"
      ],
      "Resource": "*"
    }
  ]
}

What gets synced

ObjectFieldsRefresh cadence
IAM usersname, ARN, MFA enabled, last activityDaily
IAM rolesname, ARN, trust policyDaily
Marketplace chargesvendor, product, monthly costDaily

Troubleshooting

Cost Explorer must be enabled in your AWS account before any API can query it. Go to Billing → Cost Explorer and click Enable. There’s a 24-hour delay before data is available.
Cross-account role support is on the roadmap. Email support@axiomancer.io to be notified when it ships.