How to Test Your Product Deployment into a Customer’s AWS Account


TIP: For best results, use Google Chrome when working in the platform


Overview: This article provides detailed information on how to test the deployment of a product purchased from the Marketplace that includes the use of an AWS Cloud formation deployment script to a customer’s AWS account.


1. The product owner sets up the deployment script in the Product module. This LINK provides instructions on how to set this up. Ensure that the product is set to “Active” status so that there’s no setup required for your product to show up in the marketplace.

2. The product owner creates a customer in the Customers module. This LINK provides instructions on how to set this up.

3. The product owner associates an AWS account to the newly created customer. Click on [Add] to link an existing AWS account or [Request] to request a new AWS account. This LINK provides instructions on how to set this up. Once you’ve submitted either request, the platform support team receives a workflow notification to approve either requests (sample below).



4. The product owner creates login credentials that they will use to log in as a customer. The credentials will be used when logging in to the marketplace to purchase a product as a customer.

a. Here is the marketplace link: <insert partner nickname here>

b. The nickname can be found in Settings > Account information > Nickname field



5. Log in to the marketplace using the login created on step 4 and purchase the product that you set up on step 1

6. Once the product has been purchased, click on [Start Product Deployment]


7. Select the new or existing AWS account from step 3



8. In order to deploy the product purchased into a customer’s AWS account, the partner must allow the platform to have “write” access.  To do that, you must update the AWS Role ARN.  You, as the product owner, can do this during the Marketplace Product Deployment process.

9. When the customer selects the existing AWS account to deploy into, they will see the screen below



Below is the entire language from the screenshot above:


The platform requires write access to be able to deploy to your cloud environment. Here are the steps to create a third party IAM role through Amazon's AWS dashboard. 

1. Login to your Amazon IAM console Roles section

2. Click [Create New Role]

3. Enter SESDeployment as the "Role Name" and click "Next Step"

4. Select "Role for Cross-Account Access"

5. Select "Provide access between your AWS account and a 3rd party AWS account"

6. Enter the following: Note: the External ID is unique to each account

Account ID: 328676173091
External ID: [XXXXX]

Leave the "Require MFA" field blank - MFA for third-party access is not supported at this time and accounts used for access have MFA enabled.

7. From the Policy List, select "AdministratorAccess" and click "Next Step"

8. From the Review screen click [Create Role]

9. Select the role from the list. The Summary screen displays.

10. Select the newly created SESDeployment role in your roles list

11. Click on the "Summary" tab

12. Copy the "Role ARN" value and paste it below:


Here’s a screenshot from the AWS console to update ARN role:



10. Paste the role and role description from the AWS console then click [Validate]



11. The screen below captures the input based on the cloud formation script



Below is another sample of product deployment. The formation script will run in the AWS account when you click [Agree].


This is a sample output of a script in progress



If you accidentally close out of the window above, you can go into the hamburger menu and select Purchases. The Status of “Deployment in Progress” means that the script is still running. You can hover over “Deployment in Progress” and it will change to “View”



Here’s the view when you hover over “Deployment in Progress”. The Status changed to [View], which is now a button that you can click on.



You will be taken back to this screen after clicking [View]



Once the deployment is completed, you will get a success or failure screen


Here’s an example of a successful deployment



Here’s an example of a failed deployment