# AWS Ecosystem

Complete integration suite for AWS partners and cloud-focused organizations, enabling deep AWS service integration and partner program management.

## Available Integrations

### Infrastructure & Operations

* [**AWS Accounts Integration**](https://docs.darcyiq.com/integrations-and-configuration/integration-overview/aws/aws-api) - Direct access to your AWS accounts for real-time cloud intelligence

### Partner Programs

* [**AWS ACE Integration**](https://docs.darcyiq.com/integrations-and-configuration/integration-overview/aws/aws-ace-integration) - Partner opportunity management and tracking
* [**AWS Bedrock LLM**](https://docs.darcyiq.com/integrations-and-configuration/integration-overview/aws/aws-bedrock-integration) - Use your own AI models

## Key Capabilities

### Cloud Intelligence

* Query infrastructure using natural language
* Real-time cost analysis and optimization
* Security and compliance monitoring
* Resource discovery across regions
* Trusted Advisor recommendations

### Partner Success

* Automated opportunity registration
* Funding program recommendations
* Pipeline management
* Deal registration automation

## Security Architecture

All AWS integrations use:

* **Cross-account IAM roles** with assume role permissions
* **External ID protection** against confused deputy attacks
* **Read-only access** by default
* **Temporary credentials** with automatic rotation
* **CloudTrail logging** for complete audit trail

## Prerequisites

Before configuring AWS integrations:

1. Active AWS account(s)
2. IAM permissions to create roles
3. Understanding of your AWS organization structure
4. Clear security policies for third-party access

## Best Practices

### Initial Setup

1. Start with a single AWS account
2. Use read-only permissions only
3. Test with non-production accounts first
4. Document role ARNs and External IDs
5. Review CloudTrail logs regularly

### Ongoing Management

* Rotate External IDs quarterly
* Review permissions annually
* Monitor API usage for anomalies
* Keep integration documentation updated

## Compliance

AWS integrations support:

* SOC 2 Type II compliance
* HIPAA compliance (with BAA)
* GDPR data protection
* PCI DSS standards
* FedRAMP authorization (in progress)

## Support

For AWS integration assistance:

* Review AWS IAM documentation
* Contact your AWS TAM for partner programs
* Reach out to DarcyIQ support for configuration
* Check CloudTrail for troubleshooting