Deploy in AWS
Create an AWS sub-account(optional but recommended). AWS sub-account will help monitor cost and will be more secure as there will be no interference with production or other workloads running in existing AWS accounts.
Create a user with the following users who should have below IAM permissions.
👀 Note: You can create a new IAM user or use an existing user with the above permissions to deploy Atlan CF. After stack creation is completed you can remove the permissions from the IAM User.
Select the Template source as Amazon S3 URL.
Atlan Cloudformation S3 template URL - https://atlan.s3.amazonaws.com/deploy/cf/templates/main.yaml
Details of what to fill in each parameter field are given below.
Key Name: AWS key pair which will be used to launch EC2 machines. Make sure you have access to this AWS key pair.
License URL: Enter the License URL which is shared by the Atlan team. Deployment will fail without License URL.
Other parameters: Use the default value.
The image below will help you in filling up the details.
VPC Configuration: Create network resources like VPC, InternetGateway, NatGateway, Subnets and Security Groups. The defaults are already present.
👀 Note:
VPC CIDR: Creates a new VPC CIDR block. Do ensure that the CIDR range is different from that of your existing VPC which might need to be peered with Atlan's VPC. Also, do not overlap with any CIDR block assigned to the IP CIDR to be used by the EKS cluster.
VPC CIDR IP addresses used:
Public Subnet: 50 IP addresses
Private Subnets: 250 IP addresses
EKS Cluster IP CIDR: The CIDR block to assign Kubernetes service IP addresses. If you don't specify a block, Kubernetes assigns addresses 172.20.0.0/16 CIDR. We recommend that you specify a block that does not overlap with resources in other networks peered or connected to your VPC. The block must meet the following requirements:
Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.
Does not overlap with any CIDR block assigned to the VPC that you selected for VPC.
Netmask between /24 and /12.
10.0.0.0/8, 192.168.0.0/12 won’t work. Make sure netmask and CIDR block is between the mentioned ranges.
Recommended CIDR range /16.
Termination Protection: On the Specify stack options page of the Create stack wizard, under Advanced options, expand the Termination Protection section and select Enable. (Recommended)
To enable on existing stacks https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html
Choosing ManagedNodeGroup (Default) OR AutoScalingNodeGroup:
You can choose to keep the AMI field empty if you don’t need a custom AMI.
If you need to set up a custom EC2 AMI in place of AWS EKS optimised AMI for 1.17 version, make sure to choose “AutoScalingNodeGroup”.
“ManagedNodeGroup” does not support custom AMIs
Amazon Elastic Kubernetes Service (Amazon EKS) has open-sourced the build scripts that are used to build the Amazon EKS optimized AMI. These build scripts are now available on GitHub. More details on building a Custom AMIs for EKS find more details here:
https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-build-scripts.html
In case you face any issue, recheck the parameters. Otherwise, reach out to Atlan Support team with the Cloudformation error logs.
Cloudformation template is now successful 🎉
Post-deployment, users need to set up the organization. Just follow the instruction given below to do that 👇
Access the AtlanUrl which is displayed as output in CF stack and fill the setup page:
Log in with the email and password entered on the setup page.
Additional steps to set this up can be found here: How to configure DNS for Atlan?
Now you are ready to invite new users to Atlan 😊
