Connecting to AWS

Step-by-step guide to connect an AWS account to Bluebricks using a CloudFormation stack

First time using Bluebricks? The onboarding wizard walks you through connecting your cloud automatically. Follow the Quick Start instead.

Prerequisites

  1. Permissions to create CloudFormation stacks and IAM roles in your AWS account

How to connect in the Bluebricks app

Step 1: Create a collection and launch CloudFormation

  1. Go to the Collections page

  2. Click Create Collection

  3. Name the collection (for example, production or staging)

  4. Select AWS as the cloud provider

  5. In the Account Number dropdown, click New Account

  6. Click Launch CloudFormation stack

This opens the AWS CloudFormation console with the Bluebricks template, stack name, and your External ID prefilled.

Step 2: Create the stack in AWS

Review the prefilled stack details, scroll to the bottom, acknowledge the IAM capabilities checkbox, and click Create stack. Wait for the stack to reach CREATE_COMPLETE status. This usually takes under a minute.

Step 3: Copy the Role ARN

Open the Outputs tab in the CloudFormation console. The stack provisions IAM roles that Bluebricks uses to access your AWS account. You need at least one Role ARN, but we recommend providing both for full visibility and deployment capabilities.

  • Discovery Role ARN: grants read-only access for resource discovery, inventory, and the context layer. Required for the agent to see what is running in your account

  • Orchestration Role ARN: grants read/write access for deploying and managing infrastructure through blueprints. Required for making changes through the orchestration platform

Copy the Discovery Role ARN and, if available, the Orchestration Role ARN. See Connect your Cloud for more details on permission types.

Step 4: Connect in Bluebricks

Back in the Bluebricks wizard, paste the Role ARN(s) and click Connect & Create. Bluebricks verifies the connection and begins ingesting your cloud resources into the context layer.

How to connect via the CLI

You can also connect an AWS cloud account using the Bricks CLI:

bricks setup aws --collection production

The command walks you through the connection flow interactively. After setup completes, verify the connection:

bricks collection ls

A connected collection shows the cloud provider and account name:

GUID                                NAME           CLOUD PROVIDER   CLOUD ACCOUNT   SLUG              STATUS
----------------------------------- -------------- ---------------- --------------- ----------------- -------------------------
env-uuid-123                        production    AWS              aws-prod        production        DEFAULT, web-app (running)

CLI cloud setup currently supports AWS only. To connect GCP, Azure, or a self-hosted runner, use the Bluebricks app with the provider-specific instructions above.

How to connect via the API

Use the Cloud Accounts API to create a cloud account. Pass the Stack ID as cloudFormationStackId and the Role ARN as roleArnId.
