How do I create a new private re:Post in AWS re:Post Private?

Resolution

Meet the prerequisites

• Be sure that you signed up for an Enterprise or Enterprise On-Ramp Support Plan.
• Be sure that you have the required permissions to create a private re:Post.

Create an organization and add member accounts

If you have a management account or member account of an organization in AWS Organizations, then skip this section.

If you don't have an organization in AWS Organizations, then create an organization. Make sure that the organization includes the account that you use when you create a private re:Post. You can create an organization using the AWS Management Console, a command from the AWS CLI, or a command from the SDK APIs.

Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent version of the AWS CLI.

To create an organization using the AWS Management Console, follow these steps:

1. Sign in with your IAM user or role, and then open the AWS Organizations console.
2. Choose Create an organization.

By default, your organization is created with all features active. If AWS didn't previously verify your management account, AWS sends a verification email to the email address that's associated with your management account. Within 24 hours, follow the instructions in that email to verify your email address. After AWS verifies your email address, you can invite member accounts to join your organization.

Enable and configure AWS IAM Identity Center for your account

• If you haven't already enabled IAM Identity Center, do so in the same Region where you want to create a private re:Post. To enable an organization instance of IAM Identity Center, follow the directions in Enabling AWS IAM Identity Center.

  Note: re:Post Private supports only organization instances of IAM Identity Center.

• Configure IAM Identity Center for your account. For more information, see Get started with common tasks in IAM Identity Center.

Create an IAM role for AWS Support case creation and management (optional)

Note: You need to create this IAM role only if you want to create AWS Support cases from questions on re:Post Private.

1. Create an IAM role with the required permissions to create, manage, and resolve AWS Support cases for you. The re:Post Private service uses this role to make API calls to AWS Support. You choose this IAM role when you create your private re:Post in the re:Post Private console.
2. Attach an IAM policy to this role so that the role has the required permissions to complete actions related to AWS Support case creation and management. You can either use an AWS managed policy or create a customer managed policy.

For more information, see Managing access to AWS Support case creation and management in re:Post Private.

Create a private re:Post

To create a new private re:Post, follow these steps:

1. Open the re:Post Private console.

2. On the console's homepage, choose Create private re:Post.

3. On the Create private re:Post page, for Pricing, select Free tier or Standard tier based on your use case. Note that if you already used Free Tier for your account, the Free tier option isn't available to you.

4. Under Details, follow these steps:

   For Name, enter a unique name for your private re:Post.

   (Optional) For Description, enter a brief description for your private re:Post.

   For Custom subdomain, enter a custom name for your subdomain.

5. (Optional) To customize your data encryption settings, under Data encryption, select Customize encryption settings. Then, follow either of these steps:

   For Choose an AWS KMS key, select an AWS Key Management Service key or an Amazon Resource Name (ARN).
   -or-
   Choose Create an AWS KMS key. Then, create the AWS KMS key.

6. (Optional) Under Service access for Support case integration, select Enable service access for this re:Post.

   Note: You can also turn on this option after you create the private re:Post.

   For Please select an existing IAM role below or create a new role in IAM console, use the search bar to find your existing IAM role.

   -or-

   Choose create a new role in IAM console.

   If you create a new role, then follow the instructions in Create an IAM role.

   If you use an existing service role, then in the search bar enter the ARN of the role that you want to use. Choose the role from the dropdown list. This is the role that you created in the section Create an IAM role for AWS Support case creation and management.

7. (Optional) Under Tags, choose Add new tag. Then, enter the following information:

   For Key, enter your custom tag key.

   For Value, enter your custom tag value.

   To add more tags, choose Add new tag.

8. Choose Create this re:Post.

A confirmation page notifies you that your private re:Post is being created. You can view the status of the private re:Post in the Status field. When your private re:Post is created, the Status field shows Creating.

It takes about 30 minutes for the private re:Post to be created.

When your private re:Post is ready, the Status field shows Online. To access your private re:Post, use the AWS generated subdomain for your private re:Post that's listed under the Settings tab. After your AWS account team completes the review, you can view the Custom subdomain for your private re:Post under the Settings tab.

Related information

Create, configure, and customize your private re:Post

Onboard to re:Post Private through IAM Identity Center

Inline policies