AWS

Owned by Antoine Hage (Unlicensed)
Last updated: Sept 12, 2018

Introduction

SOAJS Console allows you to connect AWS as a cloud provider so you can provision containers and virtual machine clusters as infrastructure to your environments via infra as code templates.

The following page provides you with guidelines on how to connect AWS as a cloud provider and the list of supported functionality by SOAJS that you can use to manage your clusters and virtual machines after creating them.




Scenario

  1. Connect AWS Driver
    1. SSM Roles
  2. Supported AWS Functionality




1- Connect with AWS


Step 1:

Click on your Username in the top right Menu and then click on My Security Credentials from the Menu.


Step 2:

Click on Users from the left sidebar menu then Create new User and follow the wizard steps.

Once your user is created, click on it and open Security Credentials Tab.

Generate a new Access Key along with its token.

Both the key and the Token will be used so that SOAJS Console can communicate with AWS and deploy your infrastructure.



Click on Policies then click on Create New Policy, select JSON view and copy the content of the box below inside the JSON editor on aws.

AWS Policy for SOAJS
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:*",
                "elasticloadbalancing:*",
                "cloudwatch:*",
                "autoscaling:*",
                "route53domains:*",
                "lambda:*",
                "route53:*",
                "resource-groups:*",
                "cloudformation:*",
                "tag:*",
                "eks:*",
                "ssm:*",
                "sqs:*",
                "s3:*",
                "sns:*",
                "acm:*",
                "iam:*",
                "dynamodb:*",
                "dax:*",
                "application-autoscaling:*",
                "datapipeline:*"
            ],
            "Resource": "*"
        }
    ]
}

Name your policy and add a description to it then assign it to your user:

  • Go back to Users tab, click on the username
  • Under Permissions, select add permissions and choose the policy you created.

The policy grants SOAJS access to the needed AWS services so it can provision virtual machines and container clusters as well as configure and link all required resources such as load balancers, certificates, DNS, autoscaling ... etc

Step 3:

Create role(s) with SSM Access allowing SOAJS to execute commands in Created Virtual Machines.

The role is not needed when connecting AWS as a provider BUT the role is mandatory when creating virtual machines using this provider.

Reference: 

Create an Instance Profile for Systems Manager

https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html

Setting Up AWS Systems Manager

https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up.html?icmpid=docs_ec2_console

Troubleshooting Systems Manager Run Command

https://docs.aws.amazon.com/systems-manager/latest/userguide/troubleshooting-remote-commands.html



Create Role: Step 1
Create Role: Step 2




2- Supported Functionality for AWS


coming soon