Amazon AWS - commotioncreativeltd/octobercms-deployment GitHub Wiki

Initial setup

There are a few preparation steps I take to setup the Amazon account and what you need for other services like Forge.

  1. sign up for a new Amazon account with user details
  2. log into the management console
  3. go to Services > Security & Identity > IAM
  4. click Users > Create New Users
  5. Enter forge and website as the usernames and make sure Generate an access key for each user is also checked
  6. click Create Users
  7. on the following screen, click Show User Security Credentials to view the newly created user details
  8. make a note of these details. Be sure to keep them safe as this is the ONLY time you will get to seed BOTH details.
  9. Now click Close twice
  10. You should now see a list of all users. We now need to attach policies to both of these new users
  11. Click on forge and be sure to be on the Permissions tab. Click the attach button and add: 11a. AmazonEC2FullAccess 11b. AmazonVPCFullAccess
  12. Once selected click Attach Policy
  13. Go back to Users and do the same for website user, however, add the following policy instead: 13.a AmazonS3FullAccess

Setup S3 Bucket

  1. go to the AWS Management Console > Services > Storage and Content Delivery > S3
  2. click Create Bucket and enter a bucket name making sure the region is Ireland
  3. Once created you should see in the right hand sidebar Permissions - under this section click Add bucket policy. Enter the below policy replacing BUCKETNAME with the name used in step 2.
{
    "Version": "2008-10-17",
    "Id": "Policy1397632521960",
    "Statement": [
        {
            "Sid": "Stmt1397633323327",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::BUCKETNAME/*"
        }
    ]
}
  1. click into the bucket on the left hand side and create two folders named media and uploads

Associate an Elastic IP

I like to associate an Elastic IP to the newly created server instance. This way I can, as and when needed, spin up a new EC2 instance, configure it, deploy the website and then associate the IP to the new instance. This way there's no need to change client DNS records.

  1. within the AWS Management Console go to Services > Compute > EC2
  2. in the sidebar will be Elastic IPs
  3. click Allocate New Address and confirm

A small note on Elastic IPs: Amazon charge for Elastic IPs NOT being used so be sure to associate the IP (our next step) to our new EC2 instance soon as possible and don't leave it sitting there unassociated!

  1. now you see your new Elastic IP in the list right-click > Associate Address
  2. click into the instance field and it will auto populate a dropdown with your new EC2 Instance - click on it to select
  3. then click Associate
  4. setup your development domain DNS record to this IP