0. Getting Started
1. Account Creation and Initialization
2. Employee Master Setup
3. Cost Management Setup
4. Integrating SaaS
5. Setup Billing
SaaS Integration Guide
Active! gate SS
Adobe CC (Enterprise plan)
Amazon Web Services (AWS)
App Store Connect
Google Cloud Platform
Google Tag Manager
HRBrain Talent Management
HRMOS Talent Management
HRMOS diligence and indolence
Job Can Recruitment Management
Job Kan Attendance Management
Job Kan Labor HR
KING OF TIME
Kintone (Japanese version)
LINE WORKS (OAuth linkage)
List of supported SaaS
Money Forward Cloud Accounting
Money Forward Cloud Accounting Plus
Money Forward Cloud Agreement
Money Forward Cloud Attendance
Money Forward Cloud Expense
Money Forward Cloud Invoice
Money Forward Cloud Payroll
Money Forward Cloud payable
Recruitment batch Kanrikun
Smaregi Time Card
TOYOKUMO Safety Confirmation Service 2
Tareru Dokodemo Cabinet
Trust Login by GMO
Webex by CISCO
Wordpress self-host (API)
Workplace from Meta
freee sign (formerly NINJA SIGN)
job can payroll
job can workflow
kintone (global version)
raku raku sales
Check SaaS license status
Export account data
How can I learn more about how to work with cloud services?
How to link cloud services managed by other business divisions and departments?
Integration Log Function
Inviting other users
Need to stop the integrated service
Request an unsupported SaaS or feature to be added
Troubleshooting failed integrations
What is Last Activity
(Beta) Delete/deactivate an account in the IT Management Cloud
Alert Mute function
Do you have a retired account left?
Manage former employee accounts (Employee offboarding)
Retired account export
Slack Notification Settings
Analyze the cost situation (Insight)
Check the payment status of SaaS
Cost Management with CSV Data
How to setup Chrome Extension
Manage SaaS invoices and receipts
Use cost management β
How to get an account with Jira, Confluence, Trello, etc.
Integration procedures when 2FA (two-factor authentication) is enabled
What happens if the person who linked the cloud service retires?
What if IP address restrictions are applied on the SaaS side?
What is the difference between roles?
[Integration Error] Authentication error occurs when login using Google Authentication or SSO.
About the event that multiple Salesforce email addresses are displayed
About the event that the user deleted by Atlassian remains as retired
Error: This app has not been confirmed by Google
How to Setup SAML
How to calculate prices
How to setup SCIM
How to setup SCIM (Okta Integration Network)
I get an error with Google OAuth integration.
Services for which cooperation has stopped
Table of Contents
Updated by Yasuhiro Miyoshi
Login to Amazon Web Services
Login to AWS access with root user or IAM user.
Making a Role for Integration
Accsess to Identity and Access Management (IAM) and click Roles menu.
Click Create role
Step1：Enter the value for trusted entity
- Trusted entity：AWS account
- An AWS account：Select 「Another AWS account」and Enter
162001151631in Account ID
- Check the box of Require external ID (Best practice when a third party will assume this role)
a random string (24 or more digits recommended)for the external ID.
- no need MFA
Step2：Click 「Create Policy」
Notice to open the another tab when you click create policy.
Click JSON tab and copy and past the following script.
Click「Next：Review」with no tag.
Enter the Policy name and click Create Policy
After creating the policy, return to the previous tab (Add Permission screen).
Perform the following operations to add the created policy.
- search policy you create.
- select the policy and check, click next.
Set a name for the role in step (3), then scroll down and click the "Create Role" button.
Check Role ARN
Click the role you created.
Copy the Role ARN
Search Amazon Web Services in ITMC
Enter the Role ARN and External ID at role creation and click Integrate.
If the integration with AWS is successful, the registered user information will appear in the account list.
If the integration does not complete successfully, please edit the information from the status tab on the integration screen and try the integration again.
If the problem persists, please contact us via chat.🙏
Because AWS is a service that does not capture email addresses, the user type will be obtained as "unknown" or "system".
To obtain an email address, please use one of the following methods
- Using the Account Merging function.
User type can be assigned, allowing for more accurate retiree management.
- Use tags to grant email addresses directly to IAM users.
By assigning email to the tag key and email address to the tag value, the IT Management Cloud will retrieve the email address.