Atlan on AWS Marketplace
βAtlan Architectureβ
βAtlan Securityβ
βAtlan Infra Costβ
Get Atlan license link by contacting us at [email protected]
Create an AWS sub-account (optional but recommended). This will both help monitor costs and be more secure, as it will not interfere with production or other workloads running in the existing AWS accounts.
Create a user with the following IAM permissions:
π Note: You can create a new IAM user or use an existing user with the above permissions to deploy Atlan CF. After stack creation is completed you can remove the permissions from the IAM user.
Select "Create a New Stack".
For the template source, select Amazon S3 URL.
Atlan CloudFormation S3 template URL: https://atlan.s3.amazonaws.com/deploy/marketplace/container/templates/main.yamlβ
β
β
These parameters are needed by the CloudFormation template to create the resources. Details of what to fill in each parameter field are given below.
Key Name: The AWS key pair that will be used to launch EC2 machines. Make sure you have access to this AWS key pair.
Other parameters: You can use the default value.
The image below will help you in filling out the details.
VPC Configuration: Create network resources like VPC, InternetGateway, NatGateway, Subnets, and Security Groups. The defaults are already present.
π Note:
VPC CIDR: Creates a new VPC CIDR block. Ensure that the CIDR range is different from that of your existing VPC. It might need to be peered with Atlan's VPC. Also, do not overlap with any CIDR block assigned to the IP CIDR to be used by the EKS cluster.
VPC CIDR IP addresses used:
Public Subnet: 50 IP addresses
Private Subnets: 250 IP addresses
Termination Protection (recommended): On the "Specify Stack Options" page of the Create Stack wizard, go under "Advanced Options", expand the "Termination Protection" section, and select "Enable".
β
β
EKS Configurations: Configurations related to the EKS cluster. See the note below.
π Note:
EKS Cluster IP CIDR: The CIDR block to assign Kubernetes service IP addresses. If you don't specify a block, Kubernetes assigns addresses 172.20.0.0/16 CIDR. We recommend that you specify a block that does not overlap with resources in other networks peered or connected to your VPC. The block must meet the following requirements:
Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10 and 198.19.0.0/16.
Does not overlap with any CIDR block assigned to the VPC that you selected for VPC.
Netmask between /24 and /12.
10.0.0.0/8, 192.168.0.0/12 wonβt work. Make sure that the netmask and CIDR block is between the mentioned ranges.
Recommended CIDR range: /16.
Additional Admin Users ARN: This is the ARN value of the AWS IAM users to access the EKS cluster through Kubectl. Provide a comma-separated list if using more than one ARN value. (We recommend adding at least one user.)
After entering the values of the parameters, click "Next" and define tags as per your IT or security compliance guidelines. Otherwise, proceed to the next step by clicking on the "Next" button.
Verify all the details and enable the IAM options at the bottom, and then click on the "Create Stack" button.
In case you face any issues, recheck the parameters. Otherwise, reach out to the Atlan support team with the CloudFormation error logs.
Your CloudFormation template is now successful π
Go to the release portal URL that you got in the CloudFormation outputs.
Log in using the password, which was also given in the CloudFormation outputs. Please don't double tap to copy the password from cloudformation output as it will put an extra space in the end.
Check status on the UI if latest relesae is deployed.
After installation, once all the pods are up and running, users need to set up the organization. Just follow the instruction given below to do that π
Access the Atlan URL, which is displayed as output in the CloudFormation stack, and fill the setup page.:
If you don't see this page and its stuck at checking health page, wait for 10-15 minutes we getting services up.
Log in with the email and password entered on the setup page.
Additional steps to set this up can be found here:
βHow to configure DNS with ACMβ
βHow to configure DNS with wildcard private certsβ
Now you are ready to invite new users to Atlan π
