Set Up Cloud Environment for AWS

This guide will walk you through setting up the necessary environment that you will use throughout your installation to create cloud resources on AWS.

Fast Forward

If you have already set up your AWS environment, expand this box to fast-forward.

  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments

  2. Retrieve the AWS account ID:

    root@rok-tools:~/ops/deployments# export AWS_ACCOUNT_ID=$(aws sts get-caller-identity \ > | jq -r '.Account')

  3. Retrieve the default region for your profile in your AWS CLI configuration:

    root@rok-tools:~/ops/deployments# export AWS_DEFAULT_REGION=$(aws configure get region)

  4. Save your state:

    root@rok-tools:~/ops/deployments# rok-j2 deploy/env.envvars-aws.j2 -o deploy/env.envvars-aws

  5. Commit your changes:

    root@rok-tools:~/ops/deployments# git commit -am "Set Up Cloud Environment for AWS"

  6. Proceed to the Verify section.

See also

Official AWS CLI guide on environment variables.

Choose one of the following options to set up your cloud environment:

What You’ll Need

Option 1: Set Up Cloud Environment for AWS Automatically (preferred)

Set up your cloud environment for AWS by following the on-screen instructions on the rok-deploy user interface.

If rok-deploy is not already running, start it with:

root@rok-tools:~# rok-deploy --run-from envvars-aws
../../../_images/envvars-aws.png

Proceed to the Summary section.

Option 2: Set Up Cloud Environment for AWS Manually

If you want to set up your cloud environment for AWS manually, follow the instructions below.

Procedure

  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments

  2. Retrieve the AWS account ID:

    root@rok-tools:~/ops/deployments# export AWS_ACCOUNT_ID=$(aws sts get-caller-identity \ > | jq -r '.Account')

  3. Inspect the AWS account ID and make sure it corresponds to the AWS account where you want to perform the deployment:

    root@rok-tools:~/ops/deployments# echo ${AWS_ACCOUNT_ID?} 123456789012

    Troubleshooting

    AWS account ID is not the expected one

    If the AWS account ID in the output of the above command does not match your expectations, it means that the IAM identity used by the AWS CLI exists in an AWS account other than the desired one.

    To proceed, configure your AWS CLI with an IAM identity that exists in your desired AWS account.

  4. Retrieve the default region for your profile in your AWS CLI configuration:

    root@rok-tools:~/ops/deployments# export AWS_DEFAULT_REGION=$(aws configure get region)

  5. Save your state:

    root@rok-tools:~/ops/deployments# rok-j2 deploy/env.envvars-aws.j2 -o deploy/env.envvars-aws

  6. Commit your changes:

    root@rok-tools:~/ops/deployments# git commit -am "Set Up Cloud Environment for AWS"

Verify

  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments

  2. Restore the required context:

    root@rok-tools:~/ops/deployments# source <(cat deploy/env.envvars-aws)
    root@rok-tools:~/ops/deployments# export AWS_ACCOUNT_ID AWS_DEFAULT_REGION

  3. Obtain your AWS account ID via the AWS CLI:

    root@rok-tools:~/ops/deployments# AWS_CONFIG_ACCOUNT_ID=$(aws sts get-caller-identity \ > | jq -r '.Account')

  4. Ensure that the AWS account ID obtained via the AWS CLI matches the value of AWS_ACCOUNT_ID:

    root@rok-tools:~/ops/deployments# [[ ${AWS_ACCOUNT_ID?} == ${AWS_CONFIG_ACCOUNT_ID?} ]] \ > && echo OK \ > || echo FAIL OK

  5. Obtain the default AWS region for your profile in your AWS CLI configuration:

    root@rok-tools:~/ops/deployments# AWS_CONFIG_DEFAULT_REGION=$(aws configure get region)

  6. Ensure that the default AWS region obtained via the AWS CLI matches the value of AWS_DEFAULT_REGION:

    root@rok-tools:~/ops/deployments# [[ ${AWS_DEFAULT_REGION?} == \ > ${AWS_CONFIG_DEFAULT_REGION?} ]] \ > && echo OK \ > || echo FAIL OK

Summary

You have successfully configured environment variables that you will later need to generate names for resources.

What’s Next

The next step is to configure access to Arrikto’s private container registry.

PreviousNext