Create an Amazon FinSpace environment - Amazon FinSpace

Create an Amazon FinSpace environment

A FinSpace environment is created from an AWS account. To create a FinSpace environment, the IAM user performing the actions must have IAM permissions for AdministratorAccess or the FinSpace managed policy attached to their role.

To create a FinSpace environment

  1. Sign in to your AWS account and open FinSpace from the AWS Management Console. It is located under Analytics, and you can find it by searching for FinSpace. Your AWS account number is displayed for verification purposes.

  2. Choose Create Environment.

    
                     create environment Name key
  3. Enter a name for your FinSpace environment under Environment name.

  4. (Optional) Add Environment description.

  5. Add a KMS key to encrypt data in your FinSpace environment. Create a KMS key if one is available in the region where your FinSpace environment is going to be created.

  6. Select an authentication method for the environment from the following options:

    Warning

    Selected authentication method cannot be changed once an environment is created.

    
                     create environment auth method
    1. Email and password: You must specify an initial Superuser. A Superuser has elevated permissions to create and manage application users, control application permissions and access all data. When the environment is completed performing setup, you will need to return to the FinSpace AWS console to obtain the login credentials from the Environment details page. Enter the following information for the Superuser:

      1. Enter the Email address.

      2. Enter First name.

      3. Enter Last Name.

    2. Single Sign On:

      1. Enter the name of your SAML 2.0 Identity Provider (IdP) which will be used for authentication.

      2. You can choose to either upload SAML metadata document or enter the SAML metadata document URL issued by your IdP. Learn more about SAML 2.0 based SSO support in FinSpace.

      3. Provide the attribute definition from your SAML 2.0 compliant identity provider (IdP) for the email field. Please refer to the documentation of your IdP to determine the correct format for the attribute. An example for email attribute is http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress.

  7. Choose Create Environment. The environment creation process has now begun and it will take 50-60 minutes to finish in the background. You can return to other activities while the environment is being created.


               create environment bundles tags

After the environment is created, a domain URL will be generated which is the sign-in url for your FinSpace web application.

Note

Please review Inter-network Traffic Privacy in Amazon FinSpace to ensure that your FinSpace web application is accessible to users.

Setup additional superusers

After your Amazon FinSpace environment is created, you can create additional additional Superusers and configure user groups from within the FinSpace web application. A Superuser has all permissions to take all actions in FinSpace. The first Superuser is created when the environment is created in the AWS console page. After the Superuser is created, the Superuser uses the credentials to login to the FinSpace web application for the first time.

To create a Superuser

  1. Sign in to your AWS account in which the FinSpace environment was created and open FinSpace from the AWS management console. It is located under Analytics, and you can find it by searching for FinSpace. Your AWS account number is displayed for verification purposes.

  2. Select the FinSpace environment for which a Superuser will be created.

  3. In the section, Superusers, choose Add Superuser.

  4. Enter the Email address.

  5. Enter First name.

  6. Enter Last name.

  7. Choose Next

  8. Review the Superuser details.

  9. Choose Create and view credentials. Note that if you have created an environment with SSO, you will not receive a temporary password as you will be authenticated with your IdP.

The credentials of Superusers, who have yet to login, are listed in a banner at the top of the environment details page.

Share the credentials with the person designated as the Superuser. The credentials are necessary to login to your FinSpace web application. The Domain is the sign-in url for your FinSpace web application.

AWS tags

You can optionally assign tags to an Amazon FinSpace environment. A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value, both of which you define. If you're using AWS Identity and Access Management, you can control which users in your AWS account have permission to create, edit, or delete tags.

To add a new tag in your Amazon FinSpace environment

  1. Sign in to your AWS account and open FinSpace from the AWS Management Console. It is located under Analytics, and you can find it by searching for FinSpace. Your AWS account number is displayed for verification purposes.

  2. Select the FinSpace environment to manage and add tags.

  3. Under the Tags section, choose Manage Tags.

  4. To add a new tag, choose Add new tag. Add tag details.

  5. Choose Save changes.

To delete an existing tag in your Amazon FinSpace environment

  1. Sign in to your AWS account and open FinSpace from the AWS Management Console. It is located under Analytics, and you can find it by searching for FinSpace. Your AWS account number is displayed for verification purposes.

  2. Select the FinSpace environment to manage and add tags.

  3. Under the Tags section, choose Manage Tags.

  4. Choose Remove for the tag you want to remove.

  5. Choose Save changes.