# Connect Your AWS Account Noros connects to your AWS environment using a read-only IAM role to access your cost and usage data. The entire setup process is guided by Noros directly in the chat. ### Prerequisites * An active Noros account * Permissions to create IAM roles in your AWS payer (management) account * CloudFormation StackSets enabled in your AWS Organization ### Onboarding Steps #### Step 1: Provide Your AWS Account Information When you start the onboarding process, Noros will ask for: * **AWS Account ID** — Your 12-digit payer account ID * **Organizational Unit ID** — Found in the [AWS Organizations console](https://console.aws.amazon.com/organizations) under your root account #### Step 2: Deploy the CloudFormation Stack Noros supports multiple integration methods: * **CloudFormation** (recommended) — Noros provides a pre-configured CloudFormation stack URL. Click the link, scroll to the bottom of the AWS CloudFormation console, check **"I acknowledge that AWS CloudFormation might create IAM resources"**, and click **Create stack**. * **Terraform** — Use the provided Terraform configuration to deploy the IAM role. * **CLI** — Run the provided AWS CLI commands to create the role manually. * **Console** — Follow step-by-step instructions to create the IAM role through the AWS Management Console. #### Step 3: Verify Access Once the stack is deployed, Noros will automatically verify that it can access your cost and usage data. You can also trigger verification manually by asking Noros to check your account status. #### Step 4: Start Saving You'll receive a confirmation when your data analysis is complete and Noros is ready to answer questions about your AWS environment. Initial data processing may take a few minutes depending on the size of your environment. ### Optional: External ID During onboarding, you may be offered the option to configure an **External ID** as an additional AWS security best practice. This adds an extra layer of protection to the cross-account IAM role. ### Connecting Additional Accounts You can connect multiple AWS accounts to Noros. To add another account, simply tell Noros in the chat — for example, **"I'd like to connect another AWS account"** — and it will walk you through the same process. ### What Noros Can Access Noros uses minimal, read-only permissions to access your cost and billing data. It **cannot** read sensitive workload data, modify resources, change network rules, or access anything beyond cost and usage information. [Learn more about AWS permissions →](/getting-started/permissions-required/required-aws-permissions.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.noros.ai/getting-started/connect-your-aws-account.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.