Prerequisites - HearstAT/cfn_backendless_chef GitHub Wiki
Prerequisites
This is to help understand what needs to be laid out initially to utilize this CF/Cookbook setup.
Existing VPC
Granted, most AWS regions will have a default region, but you may want to setup an IP scheme to utilize.
This is a good guide to get started on that path if you wish to take it. http://docs.aws.amazon.com/AmazonVPC/latest/GettingStartedGuide/GetStarted.html
- SSH Security Group
- You will need to create a security group to select during the build process. This will be intended to let the IPs listed have port 22 access to the servers.
- If you don't want direct SSH access, just remove it from the template(s) or select a null group, or even a bastion host group.
Route53 Hosted Domain/Zone
If you wish to ignore this, you will have to make some changes to the template for it to be functional as it's pretty baked in.
- You will need to be sure you have a domain setup in a public hosted zone. Check out this documentation for more info.
- When created, you will only need the domain.com, the template will add the extra
.
to all DNS entries. (e.g.; chef.domain.com.)
Existing SSL Certificate
This template creates a load balancer and in order to utilize 443/SSL you are required to have a cert already pre-loaded into AWS.
- Follow these instructions to get a cert in place.
- You will need the aws cli tools to get the arn required for the template to utilize the SSL cert.
- Run the following command to get your arn info
aws iam get-server-certificate --server-certificate-name
- Run the following command to get your arn info
External Secrets
Items that needs to be gathered beforehand
New Relic (optional)
- License Key
Sumologic (optional)
- Access ID
- Access Key
- Password
Certs
- Public and Private Cert
- Full chain cert may be required to avoid setting
ssl_verify_mode :verify_none
in the client.rb
- Full chain cert may be required to avoid setting
Mail (optional)
Mail account that is support via postfix, tested with mailgun
- Mail Server
- Mail Credentials (in username:password format)