HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
HashiCorp Cloud Platform
HashiCorp Cloud Platform Home

Infragraph AWS connection

The AWS connection connects your Amazon Web Services data to the resource graph.

Set up the connection

To establish a new AWS connection:

  1. From the Resource graph Overview, at the top right, click Create Connection.
  2. Select Amazon Web Services (AWS) from the list of data sources.
  3. Click Select AWS.
  4. Under AWS Account IDs, enter the AWS account IDs you want to include in this connection. You can enter IDs manually separated by commas or newlines, or click Upload CSV to import up to 100 accounts in bulk.
  5. Configure the AWS OIDC connection manually, or with Terraform.
    1. Click View Terraform module in Registry to review the IAM Role OIDC Federation and IAM Policy requirements.
    2. Enter a Connection role name. This role name must be identical across all accounts defined in your sync scope.
    3. Copy the generated module block and add it to your HCP Terraform or Terraform Enterprise linked VCS repository.
    4. Configure your AWS credentials for the accounts you added in the sync scope. Refer to the AWS Terraform provider authentication and configuration documentation for more information.
    5. Run a Terraform apply operation to create the required IAM resources in your AWS environment.
    6. We recommend you subscribe to the module GitHub repository to be notified of changes to ensure your connections continue to work.
  6. After you deploy your OIDC resources with Terraform, return to the Create connection page in your browser.
  7. Click the Create connection.

Sync AWS data

To find the current sync status for your AWS data:

  1. Click Connections in your HCP organization's left navigation panel.

  2. Check the AWS connection sync status.

    • Awaiting initial sync means that the connection was created but the first data sync does not initiated.
    • Successful means there were no errors in the latest sync and the data was synced.
    • Partial failure means at least one error occurred in the latest sync.

To manually initiate a new sync, next to the Data source, under Actions, click and then select Sync connection.

View AWS data

To find AWS data connected to your resource graph, try any of the following actions:

  • Go to the Inventory page. Click an individual resource type to view it in the graph explorer.
  • Query resources with any of the existing queries that include AWS resources.
  • Build the query from scratch using AWS resources in the query editor.
Edit this page on GitHub