Connect Your AWS Account

Step 1

Create a read-only IAM role

Create a new IAM role in your AWS account with the following trust policy and permissions. This grants Numinexus read-only access to cost and utilisation data.

IAM Policy — Read Only

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ce:GetCostAndUsage",
        "ce:GetCostForecast",
        "cloudwatch:GetMetricData",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:ListMetrics",
        "config:ListDiscoveredResources",
        "config:GetDiscoveredResourceCounts",
        "ec2:DescribeInstances",
        "ec2:DescribeVolumes",
        "ec2:DescribeNatGateways",
        "rds:DescribeDBInstances",
        "s3:ListAllMyBuckets",
        "s3:GetBucketLocation",
        "elasticloadbalancing:DescribeLoadBalancers",
        "lambda:ListFunctions",
        "lambda:GetFunction"
      ],
      "Resource": "*"
    }
  ]
}

No write permissions. No modifications. Numinexus can only read cost and infrastructure data.

Step 2

Paste your role ARN

After creating the role, copy the Role ARN from the IAM console and paste it below.

Step 3

Run the analysis

We'll analyse your infrastructure and deliver your recommendations within 24 hours. During early access, a human reviews every report for quality.

Read-only access • No credentials stored • Revoke anytime

Connect your AWS account

Create a read-only IAM role

Paste your role ARN

Run the analysis