**Help improve this page** 

To contribute to this user guide, choose the **Edit this page on GitHub** link that is located in the right pane of every page.

# Create an Argo CD capability using the Console
<a name="argocd-create-console"></a>

This topic describes how to create an Argo CD capability using the Amazon Web Services Management Console.

## Prerequisites
<a name="_prerequisites"></a>
+  ** Amazon Identity Center configured** – Argo CD requires Amazon Identity Center for authentication. Local users are not supported. If you don’t have Amazon Identity Center set up, see [Getting started with Amazon Identity Center](https://docs.amazonaws.cn/singlesignon/latest/userguide/getting-started.html) to create an Identity Center instance, and [Add users](https://docs.amazonaws.cn/singlesignon/latest/userguide/addusers.html) and [Add groups](https://docs.amazonaws.cn/singlesignon/latest/userguide/addgroups.html) to create users and groups for Argo CD access.

## Create the Argo CD capability
<a name="_create_the_argo_cd_capability"></a>

1. Open the Amazon EKS console at https://console.aws.amazon.com/eks/home\$1/clusters.

1. Select your cluster name to open the cluster detail page.

1. Choose the **Capabilities** tab.

1. In the left navigation, choose **Argo CD**.

1. Choose **Create Argo CD capability**.

1. For **IAM Capability Role**:
   + If you already have an IAM Capability Role, select it from the dropdown
   + If you need to create a role, choose **Create Argo CD role** 

     This opens the IAM console in a new tab with pre-populated trust policy and full read access to Secrets Manager. No other permissions are added by default, but you can add them if needed. If you plan to use CodeCommit repositories or other Amazon services, add the appropriate permissions before creating the role.

     After creating the role, return to the EKS console and the role will be automatically selected.
**Note**  
If you plan to use the optional integrations with Amazon Secrets Manager or Amazon CodeConnections, you’ll need to add permissions to the role. For IAM policy examples and configuration guidance, see [Manage application secrets with Amazon Secrets Manager](integration-secrets-manager.md) and [Connect to Git repositories with Amazon CodeConnections](integration-codeconnections.md).

1. Configure Amazon Identity Center integration:

   1. Select **Enable Amazon Identity Center integration**.

   1. Choose your Identity Center instance from the dropdown.

   1. Configure role mappings for RBAC by assigning users or groups to Argo CD roles (ADMIN, EDITOR, or VIEWER)

1. Choose **Create**.

The capability creation process begins.

## Verify the capability is active
<a name="_verify_the_capability_is_active"></a>

1. On the **Capabilities** tab, view the Argo CD capability status.

1. Wait for the status to change from `CREATING` to `ACTIVE`.

1. Once active, the capability is ready to use.

For information about capability statuses and troubleshooting, see [Working with capability resources](working-with-capabilities.md).

## Access the Argo CD UI
<a name="_access_the_argo_cd_ui"></a>

After the capability is active, you can access the Argo CD UI:

1. On the Argo CD capability page, choose **Open Argo CD UI**.

1. The Argo CD UI opens in a new browser tab.

1. You can now create Applications and manage deployments through the UI.

## Next steps
<a name="_next_steps"></a>
+  [Working with Argo CD](working-with-argocd.md) - Configure repositories, register clusters, and create Applications
+  [Argo CD considerations](argocd-considerations.md) - Multi-cluster architecture and advanced configuration
+  [Working with capability resources](working-with-capabilities.md) - Manage your Argo CD capability resource