Create an IAM User or a Cross-Account Role in AWS for Lucidchart

In order for Lucidchart to access your AWS infrastructure, you’ll need to give Lucidchart the credentials for a new IAM user or a new cross-account role. See below for instructions on how to create these in your AWS console.

To create a cross-account role for Lucidchart's AWS Import, follow these steps:

  1. In your Lucidchart documents page, click Import > Import AWS architecture. Select "Cross-Account Role."


  2. Click "+ Add new AWS account."
  3. Click on the link displayed in the modal to navigate to your AWS account.

  4. In AWS, click “Next: Permissions.”

  5. Click “Create Policy.” A new browser window will open.

  6. Back in the Lucidchart import modal, click “Copy to Clipboard.”

  7. Back in the new AWS window, click on the JSON tab and paste the policy document from Lucidchart over the existing content. Click “Review Policy.”

  8. In the next page, give your policy a name and description (optional). Make sure to note the policy name because you will use it later. Click “Create policy.”

  9. Return to the previous tab where you were creating a new cross-account role. Click the refresh button in the top right of the page, then search for the name of the policy you just created in the search bar. Select the policy and click “Next: Tags.”

  10. Add IAM tags to your role if you'd like. Click "Next: Review."

  11. In the next page, give your role a name and description (optional). Click “Create role.”

After you have created your cross-account role, you will need to access the role ARN to use for your Lucidchart import. To access the role ARN, follow these steps:

  1. Click on the role's name from your list of roles in your AWS account. You will be navigated to a role summary page.

  2. At the top of the role summary page, you will see "Role ARN" followed by a string of letters, numbers, and characters. Copy this entire string for use in your Lucidchart import.


To create an IAM user with an inline policy for Lucidchart's AWS Import, follow these steps:

  1. Go to the AWS console and navigate to the "Users" section of Identity and Access Management (IAM).

  2. Click “Add User” and enter a name for the user, like “Lucidchart_AWS_Import.” Be sure to check the box next to “Programmatic access” — Lucidchart will use that access key to retrieve the information about your infrastructure.

  3. Click “Next: Permissions” and select “Attach existing policies directly.” Click “Create policy.”


  4. Choose the “Create your own policy” option by clicking the "Select" button.

  5. From your Lucidchart "My Documents" page, click Import > Import AWS Architecture. Select "IAM User" and click "Copy to Clipboard."

  6. Back in AWS, give the policy a name and description, then paste the copied IAM policy document. Make sure to note the policy name because it will be used later. Click "Create Policy."

  7. At this point you will need to return to the previous tab where you were creating a new user. Select “Refresh” then search for the policy name. Select the policy and click “Next: Review.”

  8. Review the information on the page to make sure it is correct. Click “Create user.”

  9. Be sure to click “Download .csv” in order to store the access key ID and the secret access key that will be needed later during the import.


Now you’re ready to use this user as part of your Lucidchart import!
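
Both procedures above paste a policy document supplied by Lucidchart into the AWS JSON editor. As an added example (not Lucidchart's or AWS's own code), the following Python script reviews such a document before you click “Create policy,” flagging Allow statements that grant more than read-only metadata access. The sample policy is constructed for illustration and is not Lucidchart's actual policy; the prefix list and the data-read set are assumptions to adjust for your environment.

```python
import json

# Assumption: an architecture import only needs to read resource metadata.
READ_ONLY_PREFIXES = ("describe", "list", "get")
# Assumption: "Get" actions that return stored data rather than metadata.
DATA_READS = {"s3:getobject", "secretsmanager:getsecretvalue", "ssm:getparameter"}

def as_list(value):
    """IAM accepts either a single value or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def review_policy(policy_json):
    """Return (statement label, finding) pairs for grants beyond read-only access."""
    findings = []
    policy = json.loads(policy_json)
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        label = stmt.get("Sid", f"statement[{i}]")
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            findings.append((label, "NotAction allows every action except those listed"))
        for action in as_list(stmt.get("Action")):
            _, _, name = action.partition(":")
            if action == "*" or name == "*":
                findings.append((label, f"wildcard action {action!r}"))
            elif action.lower() in DATA_READS:  # IAM action names are case-insensitive
                findings.append((label, f"reads stored data: {action!r}"))
            elif not name.lower().startswith(READ_ONLY_PREFIXES):
                findings.append((label, f"non-read action {action!r}"))
    return findings

# Constructed sample policy, standing in for the document copied from the import modal.
SAMPLE_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ReadInventory", "Effect": "Allow",
     "Action": ["ec2:Describe*", "s3:ListAllMyBuckets"], "Resource": "*"},
    {"Sid": "TooBroad", "Effect": "Allow",
     "Action": ["s3:*", "iam:PassRole", "s3:GetObject"], "Resource": "*"}
  ]
}"""

if __name__ == "__main__":
    for label, finding in review_policy(SAMPLE_POLICY):
        print(f"{label}: {finding}")
```

An empty result means every allowed action matched a read-only prefix; it does not replace reading the policy yourself, since the prefix match is a heuristic.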