Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.cavok.dev/llms.txt

Use this file to discover all available pages before exploring further.

Cloud Accounts Page

At our Admin sidebard, the first menu entry is Cloud Accounts, in which a list of currently connected Cloud Accounts have been added to your Organization. There’s no limit on connected Accounts: we want you to have your entire cloud infrastructure under a single Organization. Each new added Account has its own free tier usage.

Basic Information

The New Account Modal will ask the following:
  • Provider
    • AWS
    • Azure (coming soon)
  • Provider ID
    • AWS: This is the 12 digit account number
  • Name
    • Any name you want to give to this Account (alphanumeric only)
  • Access Type
    • Check the next session for detailed instructions on permissions
  • Write logs
    • “Yes” if you want us to write logs to your Cloud Account (AWS CloudWatch Logs) at every interaction with your instances. “No” if you would rather not (you’ll only have information about what’s happening from our Dashboard).
Cavok logs will have the suffix /cavok/ for CloudWatch

AWS Permissions

The most important part is how to enable Cavok Cloud to access your Cloud Account, securely. With AWS, there’s two ways to give us permissions: allowing one IAM User of our own to assume an IAM Role on your account (“Assume Role”), or by creating an IAM User at your side, creating token credentials for it and passing it down to us (“Access Credentials”).
This is the recommended way to give us permission, as it is a AWS Well-Architecture practice.Our internal IAM User integrates with AWS by assuming an IAM Role on your end, and getting temporary credentials.
This is the “old” way of connecting directly to an AWS Account.You create an IAM User on you end, create a Security Credential with anAWS Access Key ID & AWS Secret Access Keyand trust those keys with us.

Option 1: AWS Assume Role

After you add the basic information about your Cloud Account, it will be shown at the Account list as this: Account Item The question mark (?) shows we haven’t confirmed this Account yet. Click on its next step: “Instructions”.
We have an easy AWS CloudFormation Stack Deploy button, ready for you to use.
Deploy on AWS
It will open a CloudFormation page within your logged in AWS Account. This stack creates an IAM Role with our necessary permissions, and you won’t have to pass on any other credential.
This button will open a modal and make a sucession of tests to your Account.In case it succeeds, your Account will be confirmed and you can create Resources for it. In case of failure, check the modal logs for details on where to investigate. Contact Support if needed.

Option 2: AWS Access Key & Secret

If you enter your credentials with the option “AWS Access Key” when creating a new Account, we will use those to connect with it. You will have to create the IAM User on your own. Check our Access Details Page for required permissions. Then click on the “Test” icon to check everything is in place.
This button will open a modal and make a sucession of tests to your Account.In case it succeeds, your Account will be confirmed and you can create Resources for it. In case of failure, check the modal logs for details on where to investigate. Contact Support if needed.

Test your Connection

After you set up IAM on your side, click on the “Test” icon to confirm our access.
Not every permission is required, even log permissions. Testing logs will show you information about what happened at every step.

Detailed Permissions

If you want to fine-tune our permissions or understand better what we use and how, check out our Access Details Page.

Use our Tools

After an Account is properly connected, you can add our Resources to better control your instances usage.

Schedulers

Add Schedulers to turn off your instances & services.

Adjusters

Use Adjusters to resize instances at desired times.