Installation⚓︎
For a full overview on installation of the solution, you can follow the step-by-step instructions in the Deploy the solution section of the solution Implementation Guide. Alternatively, you may follow the steps below to locally synthesize and deploy the solution installer template from source code.
Creating an Installer Stack⚓︎
The Installer Stack CDK application can be deployed using a CloudFormation template produced by completing a CDK synthesis on a local copy of the solution source code. After synthesis, the template can either be deployed using the AWS CLI or the AWS Management Console. Below are the steps for completing the deployment of the Installer stack.
1. Build the Installer stack for deployment⚓︎
-
Install dependencies for the Installer stack
-
Install project dependencies
-
To run the CDK synthesis
After running these commands, the Installer stack template will be saved to <rootDir>/source/packages/@aws-accelerator/installer/cdk.out/AWSAccelerator-InstallerStack.template.json
Note
<rootDir>
is the local directory where you have cloned the solution source code.
For more information on using the development toolchain, please see Development Dependencies.
2. Create a GitHub personal access token⚓︎
Follow the instructions on GitHub Docs to create a personal access token (Classic).
When creating the token select public_repo
for the selected scope.
3. Store Token in Secrets Manager⚓︎
You must store the personal access token in Secrets Manager in the account and region the solution will be deployed to.
- In the AWS Management Console, navigate to Secrets Manager
- Click Store a new secret
- On the Choose secret type step select Other type of secret
- Select the Plaintext tab
- Completely remove the example text and paste your secret with no formatting no leading or trailing spaces
- Select the
aws/secretsmanager
AWS-managed KMS key or a customer-managed key that you own - Click Next
- On the Configure secret step, set the Secret name to accelerator/github-token
- On the Configure rotation step, click Next
- On the Review step, click Store
4. Deploy the Installer stack⚓︎
- Configure the AWS CLI CloudFormation command for the Installer stack
- Create an S3 bucket and copy the generated template file.
cd <rootDir>/source/packages/@aws-accelerator/installer export BUCKET_NAME=<bucket name> aws s3 mb s3://$BUCKET_NAME export ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text) aws s3api head-bucket --bucket $BUCKET_NAME --expected-bucket-owner $ACCOUNT_ID aws s3 cp ./cdk.out/AWSAccelerator-InstallerStack.template.json s3://$BUCKET_NAME
- Create the Installer stack with AWS CLI command:
aws cloudformation create-stack --stack-name AWSAccelerator-InstallerStack --template-url https://$BUCKET_NAME.s3.<region>.amazonaws.com/AWSAccelerator-InstallerStack.template.json \ --parameters ParameterKey=RepositoryName,ParameterValue=<Repository_Name> \ ParameterKey=RepositoryBranchName,ParameterValue=<Branch_Name> \ ParameterKey=ManagementAccountEmail,ParameterValue=<Management_Email> \ ParameterKey=LogArchiveAccountEmail,ParameterValue=<LogArchive_Email> \ ParameterKey=AuditAccountEmail,ParameterValue=<Audit_Email> \ ParameterKey=EnableApprovalStage,ParameterValue=Yes \ ParameterKey=ApprovalStageNotifyEmailList,ParameterValue=<Comma_Delimited_Notify_Emails> \ ParameterKey=ControlTowerEnabled,ParameterValue=Yes \ --capabilities CAPABILITY_IAM
- (Optional) Alternate deployment of CloudFormation via AWS console:
- From your Management account, navigate to CloudFormation page in the AWS console
- Select ‘Create Stack’ and from the dropdown pick ‘with new resources (standard)’
- For the prerequisite template, select ‘Template is ready’
- When specifying the template, select ‘Upload a template file’
- Ensure that you select the correct file ‘AWSLandingZoneAccelerator-InstallerStack.template.json’
- Fill out the required parameters in the UI, and create the stack once the parameters are inputted.