AWS setup

Greg Harvey edited this page Jan 15, 2025 · 3 revisions

There is inevitably some manual set-up required for an AWS account.

If you intend to use AWS, create a new account in the usual way. See the AWS documentation for guidance.

Create an Elastic IP Address for your controller

Because your first server will necessarily be manually created, you will need to create a static IP address. In the Search bar at the top, type 'EC2'. The first search item should be AWS EC2; click on it to go there. This will take you to the EC2 Dashboard. Then:

  1. Under Network & Security in the left-hand menu, click Elastic IPs
  2. Click Allocate Elastic IP address in the top right corner
  3. Click Add new tag, enter 'Name' in the Key box and enter the hyphenated FQDN of your controller in Value, e.g. 'controller-acme-com', then click the Allocate button

If you have made your server, tick the box against your new Elastic IP address and under Actions, top right, select Associate Elastic IP address. On the next page choose your Instance and the only Private IP address available and click the Associate button. This is now the external IPv4 address of your server. (Note: you can do this later if your EC2 instance doesn't exist yet, but you should do it before you create your DNS entries.)

Create an IAM user for the controller

Once that is done, log in with your account credentials (the 'root' credentials) and in the Search bar at the top type 'IAM'. The first search item should be AWS IAM; click on it to go there. This will take you to the IAM Dashboard. Then:

  1. Click Users on the left-hand menu
  2. Click the Create user button in the top right corner
  3. Write 'controller' in the User name box and click the Next button
  4. Select Attach policies directly on the right and in the search box type 'Admin'
  5. The filtered list should show a policy called AdministratorAccess. Check this one and click the Next button
  6. Check the summary and click Create user

Now your IAM user exists and has full administrator privileges. Next we need to create credentials so we can use this user from our Ansible controller server later. In the user list click on your new 'controller' user, then:

  1. Click the Security credentials tab
  2. Scroll down to Access keys and click the Create access key button on the right
  3. Select Command Line Interface (CLI), ignore the alternatives dialogue, check the confirmation box and click Next
  4. Enter a sensible description such as 'Ansible controller user' and click Create access key
  5. Copy down the access key and secret key in a safe place. You will never see the secret key again (there is a download option)
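
Because this key carries AdministratorAccess, one way to keep it safe on the controller is to load the downloaded CSV straight into an owner-only AWS credentials profile. The following is an added example, not part of the original page or the project's code; the CSV header names, the `controller` profile name and the function names are assumptions, and the key values are AWS's documentation placeholders.

```python
import configparser
import csv
import io
import os
import stat
import tempfile

# Constructed sample of the CSV offered by the console's download option.
# Header names are an assumption; values are AWS documentation placeholders.
SAMPLE_CSV = (
    "Access key ID,Secret access key\n"
    "AKIAIOSFODNN7EXAMPLE,wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"
)


def parse_key_csv(text):
    """Return (access_key_id, secret_access_key) from the downloaded CSV text."""
    rows = list(csv.DictReader(io.StringIO(text.lstrip("\ufeff"))))
    if len(rows) != 1:
        raise ValueError("expected exactly one key row")
    row = {k.strip().lower(): v.strip() for k, v in rows[0].items() if k and v}
    return row["access key id"], row["secret access key"]


def store_profile(csv_text, cred_path, profile="controller"):
    """Write the key pair as a shared-credentials profile; return the file mode."""
    key_id, secret = parse_key_csv(csv_text)
    # RawConfigParser: no '%' interpolation, so any secret value is stored verbatim.
    config = configparser.RawConfigParser()
    config.read(cred_path)  # keep any profiles already in the file
    config[profile] = {
        "aws_access_key_id": key_id,
        "aws_secret_access_key": secret,
    }
    # Create the file owner-only from the start so the secret is never
    # readable by other local users, even briefly.
    fd = os.open(cred_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        os.chmod(cred_path, 0o600)  # also tighten a pre-existing file
        config.write(handle)
    return stat.S_IMODE(os.stat(cred_path).st_mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(oct(store_profile(SAMPLE_CSV, os.path.join(tmp, "credentials"))))
```

On a real controller, `cred_path` would be `~/.aws/credentials`, and the downloaded CSV should be deleted once the profile is written.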