For administrators
Applying Hosty blueprint
6 min
prerequesties make sure that installing hosty locally docid\ zwlkpsbg phbxcgd9gb c and you have admin access to aws console preparation create a temporary user installing hosty requires at least one existing iam user with admin access after hosty blueprint is installed, we can switch into using automatically created admin iam user until then, you need to create and use a temporary iam user with admin access visit the iam users page on aws console and click create user button set any username (i e org temp ) check provide user access to the aws management console checkbox and configure console password section as nedded (autopassord or custom password, etc ) click next button on the set permissions page, set permissions options to attach policies directly select administratoraccess in permission policies section click next button then create user button logout from the currently logged in user and sign in as the temporary user go to security credentials page and in the access keys section click create access key button select other for use case and click next button set description tag value to anything and click create access key button log into the hosty container using make cli command and then execute aws configure profile=hosty user command it should prompt you to copy and paste access key and secret access key of the recently created temporary user configuration open main tf file and ensure following things you've added usernames to locals users section including yourself make sure to add administrator usernames to locals administrators section to grant these iam users administrator access terraform section is commented out this is done to create initial state on local machine, as s3 bucket and dynamodb table for remote storate haven't been created yet comment out all the sections that create a cluster at this point we just want to install the blueprint without the eks cluster first locals projects is empty, as we don't have any clusters to host any project yet installing hosty blueprint run tofu apply and confirm the operation inside of the /src/terraform folder post install steps iam user hosty installation now has created a user for you now is the time start using it visit the iam users page on aws console as a temporary iam user with admin access open security credentials page of the user with your username enable aws console access (either set custom password or use autogenerated password) logout from the temporary user and login using the credentails for the new user now that you are using dedicated iam user you can visit iam users page on aws console and remove the temporary user account you might need to remove access tokens and disable aws console access for it to be able to do so open security credentials page of your user and enable mfa by adding authenticator app in the access keys section click create access key button select other for use case and click next button set description tag value to anything (i e hosty) and click create access key button in the hosty container ( make cli ) execute rm /src/ aws/credentials to remove temporary credentails created for temporary user execute aws configure profile=hosty user then copy and paste access key and secret access key from the previous step this has to be done only once run hosty auth command and paste otp (one time password) from the authenticator app you in mfa step this has to be done once in 24 hours, otherwise you will not be able to perform any operations with the infrastructure terraform state now that aws s3 bucket and aws dynamodb table are created we can configure terraform to use remote state storage open main tf file and uncomment terraform resource block replace the kms key id generated for the hosting (can be found in kms service in aws with \<clustername> terraform state alias) execute tofu init migrate state and follow the instructions