π
Our Manifesto
π
Understanding Data
β
Trusting your Data
π€
Collaborating on Data
π‘οΈ User Management
π§°
Deployment
π§°
Security
π§°
Backup & Disaster Recovery
π§°
Troubleshooting
π¦
Integrations
π¨βπ©βπ§βπ¦ Customer Success & Support
π¨βπ©βπ§βπ¦ Community
Deploy Using CloudFormation
How to deploy Atlan in AWS
π Prerequisite
- Create an AWS sub-account (optional but recommended). This will both help monitor costs and be more secure, as it will not interfere with production or other workloads running in the existing AWS accounts.
- Make sure users have the required permissions to launch the Atlan stack as per this Link. It's always recommended to use the AWS IAM best practices to create a user and policies.
π Note: You can either create a new IAM user or enable an existing user with the above permissions. After stack creation is complete, you can remove these permissions from the IAM user.
π οΈ A step-by-step guide for Atlan cloud deployment on AWS
STEP 1: Create a new stack
Go to the CloudFormation AWS console, and select the option to "Create a New Stack". For the template source, select Amazon S3 URL.
Here is the Atlan CloudFormation S3 template URL: https://atlan.s3.ap-south-1.amazonaws.com/deploy/marketplace/cloudformation/templates/main.yamlβ
Cloud Formation AWS console
STEP 2: Specify the stack details
Fill in the parameters needed by the CloudFormation template to create the resources:
- Deployment Method: The deployment method for installing the product.
- Online (recommended): The stack will be launched with Internet Gateway and NAT Gateway. The product will be accessible via Internet without using a VPN.
- License URL: Enter the License URL that was shared by the Atlan team. The deployment will fail without a License URL.
Advanced configuration (optional)
- VPC Configuration: Create network resources like VPC, InternetGateway, NatGateway, Subnets, and Security Groups. The default options are already filled in.
π Note:
- VPC CIDR: This creates a new VPC CIDR block. Ensure that the CIDR range is different from your existing VPC, which might need to be peered with Atlan's VPC. Also, do not overlap the range with any CIDR block assigned to the IP CIDR to be used by the EKS cluster.
- VPC CIDR IP addresses used:
- Public Subnets: 30 IP addresses
- Private Subnets: 250 IP addresses
- EKS Configuration: Configuration of the EKS control plane deployed with the stack.
- Launch EKS in Private Subnet: When this is set to "True", the EKS control plane will be deployed in private subnets.
- The cluster endpoint is only accessible through your VPC. Worker node traffic to the endpoint will stay within your VPC.
- The product will be only accessible via VPN after VPC peering or transit gateway is set up.
- The load balancer will be internal, and it will only be accessible with VPC or via VPN after VPC peering is done.
- EKS Cluster IP CIDR: This is the CIDR block to assign Kubernetes service IP addresses. If you don't specify a block, Kubernetes assigns the addresses 172.20.0.0/16 CIDR. We recommend that you specify a block that does not overlap with resources in other networks peered or connected to your VPC. The block must meet the following requirements:
- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 100.64.0.0/10 or 198.19.0.0/16
- Does not overlap with any CIDR block assigned to the VPC that you selected.
- Netmask between /24 and /12.
- 10.0.0.0/8 and 192.168.0.0/12 wonβt work. Make sure the netmask and CIDR block is between the mentioned ranges.
- Recommended CIDR range: /16
- AWS IAM User/Role ARN to Access the EKS Cluster through Kubectl: Enter the ARN value of the IAM user or role to get access to the EKS cluster via kubectl. The user/role deploying the stack will have access to the EKS cluster. Use this to provide access to any other user. Refer to this page for more information.
- Nodes Configuration: Configurations for the nodes being launched. The nodes are divided into a 70-30 ratio of spot and on-demand capacity.
- Launch All Spot Instances: Atlan product can run on all spot instances, low cost setup, though less reliable. If you enable the option, make sure account has availability for the selected instance type.
- EC2 Instance Type: The instance type for Atlan nodes.
t3a.2xlargeis recommended for normal workloads. For large workloads, you can increase this tom5a.4xlargeorm5.4xlarge. - Launch Spark Nodes: This sets whether to launch Spark nodes. Set this to "True" if you have Azure ADLS. This is set to "False" by default.
- Additional Userscript: You can add a Bash script that needs to be executed on every node whenever a new node is added. For this, put the public link to the script in the "Link to additional script to run on nodes while bootstrapping" field. However, this is completely optional and can be left blank.
π Note: While passing the script link, make sure it is public and accessible over the internet. You can use a signed URL with timeout. Once the stack is created, the script will be copied to the S3 bucket launched via CloudFormation, and it will only be fetched by nodes from S3 instead of the internet.
- Transit Gateway Configuration: These are the configurations to set up the Transit Gateway with the Atlan VPC. Read this documentation for detailed steps.
Sample Parameter List #1
Sample Parameter List #1
- Termination Protection (recommended): On the "Specify" stack options page of the "Create Stack" wizard, go to Advanced options, expand the Termination Protection section, and select "Enable".ββ
STEP 3: Configure the stack options
After entering the parameters above, click on "Next". You can define optional tags as per your IT or Security compliance guidelines, then click the "Next" button.
Tags
STEP 4: Verify all the details
Click on the two checkboxes, and then click on "Create stack".
Accept
STEP 5: Wait 35-40 minutes for stack creation
Output
If you face any issues, recheck the parameters. Otherwise, reach out to the Atlan support team with the CloudFormation error logs.
Your CloudFormation template is now successful π
STEP 6: Set up the admin account
After deployment, you will need to set up the organization. Just follow these instructures π
- 1.Access the Atlan Product URL, which is displayed as output in the CloudFormation stack.
- 2.Fill out the setup page:
%20(9)%20(5).png?alt=media)
Setup
- 1.Log in with the email and password entered on the setup page.
%20(2)%20(2)%20(2)%20(2)%20(3)%20(3)%20(1)%20(12).png?alt=media)
Login
STEP 7: Configure DNS and SSL/TLS (optional)
Looking to configure DNS and SSL/TLS? Here are additional steps to set them up:
Now you are ready to invite new users to Atlan π
Last modified 5d ago
Copy link
Contents
π Prerequisite
π οΈ A step-by-step guide for Atlan cloud deployment on AWS
STEP 1: Create a new stack
STEP 2: Specify the stack details
Advanced configuration (optional)
STEP 3: Configure the stack options
STEP 4: Verify all the details
STEP 5: Wait 35-40 minutes for stack creation
STEP 6: Set up the admin account
STEP 7: Configure DNS and SSL/TLS (optional)