Setup
Here we will describe what we need and also what we spin-up in a standard integration
What we need for deploying our solution?
We will request an IAM User from you on a fresh sub-account under your organisation.
This allows us to create our environment via our provisioning scripts (built on terraform). You will have full control of what we create and all settings can be customised. We have a default set-up, but everything can be workshopped to suit your needs.
What we require from you | Description |
Fresh AWS Account | sub-account under your organisation |
IAM User | We will need one IAM user for that account. We can workshop the exact permissions needed. For staging we usually request AdministratorAccess, but this can also be customised. |
What are we creating in the environment?
Here is a list of the kind of resources we are using on AWS. We are happy to customise configurations on each of the resources.
Resource | Description |
AWS VPC | Virtual Private Network |
AWS Subnets | Different subnets for private, public, database, cache |
AWS Security Groups | To ensure the right resources can access the right things |
AWS NAT Gateway | Allows services can access the internet to be able to reach 3rd parties. For example, for sending emails |
AWS EKS | Managed Kubernetes by AWS |
AWS RDS (Aurora MySQL) | Aurora running MySQL will be the main data store |
AWS Elasticcache (Redis) | Used for caching some information for performance |
AWS AutoScaling Group | Used so we can autoscale cluster nodes on the Kubernetes cluster |
AWS EC2 | Only created via the autoscaling group. All will be running only the AWS EKS base image. |
AWS ELB | Used for exposing services outside of the cluster, either internal or public (with possible IP whitelist) |
Visual Diagram
.png?alt=media&token=755eadbd-3c7a-4d2f-b97a-14842e0d9a87)