
The following is a list of prerequisites, each with a brief explanation, for deploying an openIDL Node on AWS.


# | Prerequisite | Definition
1 | AWS Account | A dedicated AWS account is required only to separate the openIDL node into its own namespace. Creating an AWS account under your organization's corporate account often makes it easier to raise the security standard by isolating the openIDL node. This is not a hard requirement: a general AWS account where your organization keeps other AWS-based projects can also be used.
2 | AWS IAM User |

An AWS IAM user with permission to create the Terraform IAM user and role is required. If that is not possible, your IT team can be given a Terraform script or step-by-step documentation to create the IAM user and role used later in the setup process.

Access to the following services will be granted as part of the IAM role's policy:

  • "sns:*"
  • "cloudformation:ListStacks"
  • "application-autoscaling:*"
  • "s3:*"
  • "logs:*"
  • "cloudtrail:*"
  • "dynamodb:*"
  • "sts:*"
  • "elasticloadbalancing:*"
  • "autoscaling:*"
  • "iam:*"
  • "route53domains:*"
  • "secretsmanager:*"
  • "cloudwatch:*"
  • "ses:*"
  • "kms:*"
  • "route53:*"
  • "lambda:*"
  • "ec2:*"
  • "cognito-idp:*"
  • "ebs:*"
  • "eks:*"
  • "acm:*"
  • "rds:*"

3 | Terraform Cloud Account |

Credentials to register or sign in at https://app.terraform.io

The account is used to store the Terraform workspace data.
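One way to review the action list from prerequisite 2 before attaching it to the Terraform role, as an added example that is not openIDL's own code: it parses an IAM policy document and separates full-service wildcards from scoped actions. The `Resource` value and the `CREDENTIAL_SERVICES` set are assumptions made for this example.

```python
import json

# Assumption (not from the page): services whose wildcard grant lets the role
# create or read credentials and keys, so they are reviewed first.
CREDENTIAL_SERVICES = {"iam", "sts", "kms", "secretsmanager", "cognito-idp"}

# Constructed policy document built from the actions listed on the page.
# "Resource": "*" is an assumption; the page does not state the resource scope.
POLICY_JSON = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "sns:*", "cloudformation:ListStacks", "application-autoscaling:*",
            "s3:*", "logs:*", "cloudtrail:*", "dynamodb:*", "sts:*",
            "elasticloadbalancing:*", "autoscaling:*", "iam:*",
            "route53domains:*", "secretsmanager:*", "cloudwatch:*", "ses:*",
            "kms:*", "route53:*", "lambda:*", "ec2:*", "cognito-idp:*",
            "ebs:*", "eks:*", "acm:*", "rds:*",
        ],
        "Resource": "*",
    }],
})


def as_list(value):
    """IAM accepts either a single value or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def audit(policy_text):
    """Return (wildcard_services, credential_wildcards, scoped_actions) for Allow statements."""
    wildcards, scoped = set(), set()
    for stmt in as_list(json.loads(policy_text).get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        for action in as_list(stmt.get("Action")):
            service, _, name = action.lower().partition(":")
            if action == "*" or name == "*":
                wildcards.add(service)
            else:
                scoped.add(action)
    return sorted(wildcards), sorted(wildcards & CREDENTIAL_SERVICES), sorted(scoped)


if __name__ == "__main__":
    wild, cred, scoped = audit(POLICY_JSON)
    print(f"{len(wild)} full-service wildcards; review first: {cred}; scoped: {scoped}")
```

The credential-related wildcards are the entries to narrow first, for example with resource ARNs, conditions or a permissions boundary on the Terraform role.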






