Overview

What is a Chkk Cloud Connector?

Chkk Cloud Connector is a secure, read-only integration that fetches relevant resource data from your cloud environment and correlates it with your Kubernetes clusters. By focusing on resources that affect — or are affected by — your clusters (e.g., security groups, IAM roles, networking settings), the Connector facilitates a unified view of your infrastructure. This insight helps detect potential incompatibilities and misconfigurations early, resulting in a more stable and secure environment.

Supported Cloud Service Providers

Chkk supports connecting to the following major CSPs:
  • AWS (Amazon Web Services)
  • GCP (Google Cloud Platform)
  • Azure (Microsoft Azure)

Permissions

Chkk Cloud Connector operates under the principle of least privilege, utilizing read-only credentials to access only the necessary metadata in your cloud environment. This restricted, non-intrusive access allows Chkk to accurately map your configurations and deliver tailored guidance for upgrades and operational best practices. By granting the minimal permissions required, you maintain a strong security posture while benefiting from insights that reflect the actual state of your environment.
All IAM policies and service accounts associated with the Chkk Cloud Connector remain under your direct control. You can modify, revoke, or remove these permissions at any time to align with your organization’s security and compliance requirements.

Setup Guide

This guide walks you through installing a Chkk Cloud Connector for AWS, GCP, or Azure.
  1. In the left-hand column of the Chkk Dashboard, expand Configure and click Cloud Accounts.
  2. In the top-right corner, click Add Cloud Account.
  3. From the dropdown, select AWS, GCP, or Azure.
Cloud Accounts main page screenshot Once you’ve selected your provider, follow the relevant instructions in the tabs below to set up and verify the Cloud Connector.
1

Enter AWS Account Details

  1. AWS Account ID: Provide the 12-digit AWS Account ID (e.g., 123456789012).
  2. AWS Region: Specify your primary region (e.g., us-east-1).
  3. (Optional) Account Name: Provide a name to reference this AWS Account in the Chkk Dashboard. (e.g., production-account)
  4. Click Mark as done.
Enter AWS account details screenshot
2

Set Up Your Environment

  1. In Setup Environment, choose how you want to create the read-only IAM Role (CloudFormation, Console, CLI, or Terraform).
  2. Follow the steps mentioned under the selected method to set up the IAM Role in your AWS account.
  3. Once set up, click Mark as done.
Setup Environment screenshot
3

Verify Connection to Chkk

  1. Wait until the IAM Role is fully created in AWS.
  2. Chkk attempts to assume the newly created role to confirm connectivity.
  3. Once the connection is verified, you’ll see a success message on the Chkk Dashboard.
  4. The Redo button allows you to retry the connection if needed.
Verify Connection screenshot
4

Confirm Your AWS Account Is Connected

  1. A success message indicates Chkk can now access your AWS account.
  2. Your AWS account will appear in the Cloud Accounts list with Connected status in the Configure -> Cloud Accounts view.
Successful connection screenshot