AWS Blu Insights

General

Do I need to log in to the AWS console to use AWS Blu Insights?

Yes.

Do team members have to use the same AWS account ID?

No.

How to enter AWS Blu Insights from the AWS Console?

1. Log in to the AWS Console   
2. Navigate to AWS Mainframe Modernization service   
3. Select Refactor with Blu Age and click on “Get Started”   
4. Click on “Continue in Blu Insights”

Here is a recording guiding you through the first SSO access with an AWS Account/Role combination that hasn’t yet accessed Blu Insights:

And this one shows the SSO access for approved accounts:

How to migrate a legacy AWS Blu Insights account to SSO?

AWS Blu Insights will detect if the entered email is linked to a legacy account and will guide you through to migrate to SSO. You will receive an email asking you to confirm that you want to link your legacy account to the concerned AWS Account and role.

Here is a recording guiding you through the process:

No. For each AWS account, you will create a new Blu Insights environment. Remember, the AWS account used for the environment will be charged for Transformation Center usage. To work with multiple AWS accounts on Blu Insights we recommend to go for one of these two options:

  • Use emails following this pattern: <<alias>>+<<AWS account ID>>@<<domain>> (if your domain email server allows it).
  • Request email addresses with the domains of the customers you are working with: (e.g. <<alias>>@<<customer-1-domain>> and <<alias>>@<<customer-2-domain>>).

I have one AWS account. Can I have multiple Blu Insights environments on it?

Yes. One Blu Insights environment can be created for every role on the account.

AWS Blu Insights does not open when I try to access it from the console (the new tab is instantly closed). What can I do?

First, make sure you are in an AWS region where the AWS Blu Insights service is available. Then, make sure that the role you are using on your AWS account has an IAM Policy that allows it to access AWS Blu Insights.   
The role you are using should at least have the permissions of the following statement:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "m2:GetSignedBluinsightsUrl"
            ],
            "Resource": "arn:aws:m2:{region}:{account}:*"
        }
    ]
}

with your own values for {region} and {account}.

Why does AWS Blu Insights ask for an email?

AWS Blu Insights will use that email address to provide updates on your ongoing modernization projects. As different AWS Blu Insights users can use from the same AWS Account, the address of the AWS Account can’t be used for this purpose.

Do I have to use the same email to log in to the AWS Console and to enter AWS Blu Insights?

No, you don’t.

How do I update my name?

Update your Profile in a snap! Click on your avatar in the upper right corner of AWS Blu Insights and in order to edit your information, select Profile in Menu.

Why does my account get disabled?

For security reasons, we disable inactive accounts. Although AWS Blu Insights alerts you prior to disable your account. If you need to re-activate it, please follow the instruction when trying to log-in.

My account has not been validated. What should I do?

AWS Blu Insights is accessible only for Certified individuals with the AWS Refactor Accreditation Program and AWS Blu Age customers. Please email aws-bluage-accreditation@amazon.com to let us know your actual situation (e.g. certification level, team/manager, AWS Blu Age projects, etc.).

How does the SSO work from the AWS Console to AWS Blu Insights?

It involves JWT tokens that are encrypted and decrypted by the console and AWS Blu Insights using AWS KMS.

Can I access AWS Blu Insights using the AWS CLI?

Yes, use the get-signed-bluinsights-url CLI command for this. For example the aws m2 get-signed-bluinsights-url --region eu-west-3 command will get a you an SSO URL to AWS Blu Insights in eu-west-3.

If different users access Blu Insights by assuming the same role with different role session names, will they all have their own Blu Insights environment?

Yes, there will be one Blu Insights environment for every role session name.

Can I use a personal email to register to Blu Insights?

No.

How can I control the list of invited individuals in my projects?

Use Profiles to control who can invite other members.

I have lost access to my AWS account. How can I connect to my AWS Blu Insights?

You can gain back access to AWS Blu Insights by following one of these two options:

  • Request to unlink your AWS account by contacting the support. After your accounts are unlinked, you can log in to AWS Blu Insights from your new AWS account. Notice, this is not possible if you have ongoing billable Transformation Center projects.
  • Create a new Blu Insights account. Use emails following this pattern: <<alias>>+<<AWS account ID>>@<<domain>> (if your domain email server allows it).