Get Atlan license URL from atlan. click here for more details.
Create an AWS sub-account (optional but recommended). This will both help monitor costs and be more secure, as it will not interfere with production or other workloads running in the existing AWS accounts.
Create a user with the following IAM permissions:
IAM User Permissions
๐ Note: You can create a new IAM user or use an existing user with the above permissions to deploy Atlan CF. After stack creation is completed you can remove the permissions from the IAM user.
๐ ๏ธ A step-by-step guide for Atlan cloud deployment on AWS
These parameters are needed by the CloudFormation template to create the resources. Details of what to fill in each parameter field are given below.
Key Name: The AWS key pair that will be used to launch EC2 machines. Make sure you have access to this AWS key pair.
Other parameters: You can use the default value.
The image below will help you in filling out the details.
Sample Parameter List
Advanced Configuration (optional)
VPC Configuration: Create network resources like VPC, InternetGateway, NatGateway, Subnets, and Security Groups. The defaults are already present.
๐ Note:
VPC CIDR: Creates a new VPC CIDR block. Ensure that the CIDR range is different from that of your existing VPC. It might need to be peered with Atlan's VPC. Also, do not overlap with any CIDR block assigned to the IP CIDR to be used by the EKS cluster.
VPC CIDR IP addresses used:
Public Subnet: 50 IP addresses
Private Subnets: 250 IP addresses
Termination Protection (recommended): On the "Specify Stack Options" page of the Create Stack wizard, go under "Advanced Options", expand the "Termination Protection" section, and select "Enable".
EKS Configurations: Configurations related to the EKS cluster. See the note below.
๐ Note:
EKS Cluster IP CIDR: The CIDR block to assign Kubernetes service IP addresses. If you don't specify a block, Kubernetes assigns addresses 172.20.0.0/16 CIDR. We recommend that you specify a block that does not overlap with resources in other networks peered or connected to your VPC. The block must meet the following requirements:
Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10 and 198.19.0.0/16.
Does not overlap with any CIDR block assigned to the VPC that you selected for VPC.
Netmask between /24 and /12.
10.0.0.0/8, 192.168.0.0/12 wonโt work. Make sure that the netmask and CIDR block is between the mentioned ranges.
Recommended CIDR range: /16.
Additional Admin Users ARN: This is the ARN value of the AWS IAM users to access the EKS cluster through Kubectl. Provide a comma-separated list if using more than one ARN value. (We recommend adding at least one user.)
STEP 3: Define the tags
After entering the values of the parameters, click "Next" and define tags as per your IT or security compliance guidelines. Otherwise, proceed to the next step by clicking on the "Next" button.
Tags
STEP 4: Enable the IAM options
Verify all the details and enable the IAM options at the bottom, and then click on the "Create Stack" button.
Accept
STEP 5: Wait around 35 to 40 minutes for stack creation
Output
In case you face any issues, recheck the parameters. Otherwise, reach out to the Atlan support team with the CloudFormation error logs.
Your CloudFormation template is now successful ๐
STEP 6: Installing the product
1.
Go to the release portal URL that you got in the CloudFormation outputs.
2.
Log in using the password, which was also given in the CloudFormation outputs. Please don't double tap to copy the password from cloudformation output as it will put an extra space in the end.
KOTS Admin Console
1.
Check status on the UI if latest relesae is deployed.
STEP 6: Set up admin account
After installation, once all the pods are up and running, users need to set up the organization. Just follow the instruction given below to do that ๐
1.
Access the Atlan URL, which is displayed as output in the CloudFormation stack, and fill the setup page.:
Setup
If you don't see this page and its stuck at checking health page, wait for 10-15 minutes we getting services up.
1.
Log in with the email and password entered on the setup page.
Login
STEP 7: Configure DNS and SSL/TLS (optional)
Additional steps to set this up can be found here: