Create an AWS sub-account(optional but recommended). AWS sub-account will help monitor cost and will be more secure as there will be no interference with production or other workloads running in existing AWS accounts.
Create a user with the following users who should have below IAM permissions.
π Note: You can create a new IAM user or use an existing user with the above permissions to deploy Atlan CF. After stack creation is completed you can remove the permissions from the IAM User.
To allow outbound emails from Atlan like email notifications and user invites, it will require SMTP configuration. Check out the detail given below π
SMTP Host
SMTP Port
SMTP Username
SMTP User Password
SMTP Sender Email
Select the Template source as Amazon S3 URL.
Atlan Cloudformation S3 template URL - https://atlan.s3.amazonaws.com/cf/lite/v5/templates/main.yamlβ
Details of what to fill in each parameter field are given below.
A version of Cloudformation templates: Choose version as v5.
Wants to use an existing VPC: Select "true" if youβre going to use your existing VPC and network resources, please provide details for the existing VPC as shown in the screenshot below.
ββ
π Note: Each public subnet has a minimum of ten free IP addresses available. Each private subnet has a minimum of 250 free IP addresses available.
VPC Configurations: These parameters are needed to create network resources like VPC, InternetGateway, NatGateway, Subnets, and Security Groups. Defaults are already present but if you want to connect existing workloads using VPC peering, make sure the VPC CIDR range doesnβt overlap with your existing VPCs range.
Key Name: AWS key pair which will be used to launch EC2 machines. Make sure you have access to this AWS key pair.
Environment: For example - development, staging, or production.
Deployment Type: Keep it as a "trial" if it's for POC or "production" if it's for production.
License URL: Enter the License URL which is shared by the Atlan team. Deployment will fail without License URL.
SMTP Configs: SMTP server details in order to send outbound emails from deployment. User invitation will not work without SMTP configuration.
Other parameters: Use the default value.
The image below will help you in filling up the details.
In case you face any issue, recheck the parameters. Otherwise, reach out to Atlan Support team with the Cloudformation error logs.
Cloudformation template is now successful π
Post-deployment, users need to set up the organization. Just follow the instruction given below to do that π
Access the AtlanUrl which is displayed as output in CF stack and fill the setup page:
Log in with the email and password entered on the setup page.
You will receive a verification email. Once you verify, you will be able to access the product as an Admin user. Confirm your details and login. If you donβt receive the verification email, do check the SMTP configuration.
To invite users to the Atlan product, you need to configure the "Domain Name" and "SSL/TLS" for deployment. To do so follow the instructions given below π
DNS: Create a CNAME record on your Domain Name server for the Atlan endpoint which you have received in Cloudformation Stack output.
For Example: If you got Atlan URL as a0376b0f5f0f74fcd9ef6aea05cb7e0c-6d16c0434f421af3.elb.ap-south-1.amazonaws.com and you want to access the product on https://xyz.company.com, then create a CNAME record as below on your Domain Name server.
Type: CNAME
Name: xyz.company.com
Target: a0376b0f5f0f74fcd9ef6aea05cb7e0c-6d16c0434f421af3.elb.ap-south-1.amazonaws.comβ
Follow the instructions given below to configure SSL/TLS π
Login to the release console with credentials (They are mentioned in Cloudformation Stack output).
Go to the configuration section. Here we need to update the Product DNS and TLS/SSL.
Update product DNS. Here, enter the DNS which we created for Atlan deployment. It will have AWS ELB DNS. Update it with the DNS which you created.
To configure TLS, upload the SSL/TLS certificates of your domain name and the key. This will help make the product accessible at https. If you use AWS Certification Manager(ACM), use documentation for enabling ACM for NLB.
Next, scroll down to the bottom of the page and save the config. Your new product version has now been created. To implement the changes, click on the "Go to the new version" button
Now the system will perform the preflight checks. Click on "Deploy", once successful without any error.
Once deployment of new changes completed access the product on DNS which you created. For example xyz company.
Now you are ready to invite new users to Atlan π