Platform
Domains
Design SystemAcademyFeedback

3. Setup AWS Account

Steps to setup the AWS account for deployment

Topics covered:

Overview

Follow the details below to set up your AWS account before you proceed with the DIGIT deployment.

Pre-requisites

  • Install AWS CLI on your local machine so that you can use AWS CLI commands to provision and manage the cloud resources on your account.

  • Install AWS IAM Authenticator - it helps you authenticate your connection from your local machine so that you can deploy DIGIT services.

Get AWS Access

Public Users

  • You need to sign-up for the AWS account if you do not already have one. Use this link to get started

  • Use the AWS IAM User credentials provided for the Terraform (Infra-as-code) to connect with your AWS account and provision the cloud resources.

  • You'll get a Secret Access Key and Access Key ID. Save the keys.

  • Open the terminal. Run the following command you have already installed on the AWS CLI and use the credentials. (Provide the credentials and you can leave the region and output format blank)

Note: Make sure that the profile name provided in the commands below is also used in the Terraform scripts as the AWS profile. 

aws configure --profile digit-quickstart-poc 

AWS Access Key ID []:<Your access key>
AWS Secret Access Key []:<Your secret key>
Default region name []: ap-south-1
Default output format []: text

  • The above will create the following file in your machine under the user home directory. /path/to/user/home/.aws/credentials

[digit-quickstart-poc] 
aws_access_key_id=*********** 
aws_secret_access_key=*************************
eGov Users

eGov folks can request internal AWS account access. Follow the instructions below. Please note that the access is time-bound and valid only for 2 hours. If it goes beyond a few hours you may need to get the latest session token from the below URL.

  1. You need to have an eGov email account setup.

  2. In the Chrome browser, log in with your eGov google account. The browser profile is set to the eGov official gSuite account.

    1. Then use the following URL to access your AWS access

      • https://egov.awsapps.com/start/

      • Choose the "egov-workshop-training" account

      • Select "Administration Access"

      • Get your AWS access key, secret and session token from the link "command-line-access". Follow the remaining instructions depending on your OS.

      • Run the below commands on a terminal/command prompt

      Note: Make sure that the profile name provided in the commands below is also used in the Terraform scripts as the AWS profile.

      1. aws configure --profile digit-quickstart-poc

      2. aws configure --profile digit-quickstart-poc set aws_session_token <add_your_session_token>

      3. export AWS_PROFILE=digit-quickstart-poc

      4. Now, your AWS account setup is done and you can execute aws cli commands to confirm. For example:

      aws s3 ls

You should be able to see the list of S3 buckets created.

Optionally, you can choose the "management console" option to log in to AWS Console UI and explore the various services without creating anything.

NOTE:

  1. By default, you will get read-only access (you are not allowed for provisioning the resources in the eGov AWS account). To get admin access contact Karthik (karthik.d@egovernments.org).

  2. AWS Session Tokens have 24 hours of time span. Once the time span is over the session tokens expire. You can get the new credentials from the AWS management console here. Make sure to update the AWS credentials file in the below path /path/to/user/home/.aws/credentials

When you have the command line access configured, everything is set for you to proceed with the terraform to provision the DIGIT Infra-as-code.

Previous2. Understanding EKSNext4. Provisioning Infra Using Terraform

Last updated