Deckhouse Platform in Amazon AWS
Before starting the installation, ensure you have the cloud provider quotas required to deploy your cluster. Make sure that you have access to the desired regions.
You have to create an IAM account with the Amazon AWS cloud provider so that Deckhouse Platform can manage cloud resources. The detailed instructions for creating an IAM account with AWS are available in the documentation. Below, we will provide a brief overview of the necessary actions (run them on the personal computer):
Create the JSON specification
using the following command.
Create a new Policy based on the specification created above with D8CloudProviderAWS
as a policy name:
aws iam create-policy --policy-name D8Policy --policy-document file://policy.json
You will see the following:
{ "Policy": { "PolicyName": "D8Policy", "PolicyId": "AAA", "Arn": "arn:aws:iam::123:policy/D8Policy", "Path": "/", "DefaultVersionId": "v1", "AttachmentCount": 0, "PermissionsBoundaryUsageCount": 0, "IsAttachable": true, "CreateDate": "2020-08-27T02:52:06+00:00", "UpdateDate": "2020-08-27T02:52:06+00:00" } }
Create a new user:
You will see the following:
{ "User": { "Path": "/", "UserName": "deckhouse", "UserId": "AAAXXX", "Arn": "arn:aws:iam::123:user/deckhouse", "CreateDate": "2020-08-27T03:05:42+00:00" } }
You need to allow access to the API and remember your AccessKeyId
+ SecretAccessKey
values:
aws iam create-access-key --user-name deckhouse
You will see the following:
{ "AccessKey": { "UserName": "deckhouse", "AccessKeyId": "XXXYYY", "Status": "Active", "SecretAccessKey": "ZZZzzz", "CreateDate": "2020-08-27T03:06:22+00:00" } }
Attach the specified Policy
to the specified User
:
aws iam attach-user-policy --user-name username --policy-arn arn:aws:iam::123:policy/D8Policy