Pre-requisites for EKS Clusters On-boarding

Pre-requisites for EKS Clusters On-boarding

For on-boarding EKS Clusters in Appranix, following are the pre-requisites,

Create S3 bucket

Appranix requires an object storage bucket to store backups in, unique to a single Kubernetes cluster.
Create an S3 bucket, replacing placeholders appropriately:

BUCKET=<YOUR_BUCKET>
REGION=<YOUR_REGION>
aws s3api create-bucket \
    --bucket $BUCKET \
    --region $REGION \
    --create-bucket-configuration LocationConstraint=$REGION

Create IAM user

  1. Create the IAM user:

    aws iam create-user --user-name <user-name>

    For backup of multiple clusters with multiple S3 buckets, create a unique username per cluster.

  2. Attach policies to give Appranix the necessary permissions:

    cat > appranix-policy.json <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeVolumes",
                "ec2:DescribeSnapshots",
                "ec2:CreateTags",
                "ec2:CreateVolume",
                "ec2:CreateSnapshot",
                "ec2:DeleteSnapshot"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:PutObject",
                "s3:AbortMultipartUpload",
                "s3:ListMultipartUploadParts"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET}/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::${BUCKET}"
            ]
        }
    ]
}
EOF

    aws iam put-user-policy \
  --user-name <user-name> \
  --policy-name <policy-name> \
  --policy-document file://appranix-policy.json

  3. Create an access key for the user:

    aws iam create-access-key --user-name <user-name>

    The result should look like:

    {
  "AccessKey": {
        "UserName": "<user-name>",
        "Status": "Active",
        "CreateDate": "2022-01-31T12:21:11.516Z",
        "SecretAccessKey": <AWS_SECRET_ACCESS_KEY>,
        "AccessKeyId": <AWS_ACCESS_KEY_ID>
  }
}

    • Related Articles

    • Will Appranix automatically associate Application Loadbalancer to the right Targets in a pre-created VPC recovery?

      AWS Application Loadbalancer Supports the following Target Types Instance ID IP Address Lambda On a pre-created VPC recovery, 1. Instance ID:   Yes, Appranix automatically maps the target type to the recovered instance ID in the pre-created VPC. 2. ...

    • Application Resilience - DIY vs using Appranix

      In Appranix, we speak and educate our prospective customers about achieving Application Resilience by a cloud-native approach. One common question that few of our customers ask us is,"We have our infrastructure maintained with Terraform or any other ...

    • DNS Update using Appranix Extension - Post Recovery webhook

      Hi , Appranix-extension for updating the DNS post recovery link is given below. This can be configured in your AWS account as a lambda function and configured to be triggered by Appranix post-recovery web-hook. ...

    • How to subscribe to Appranix from Azure Marketplace?

      Appranix is now available in the Azure Marketplace. To set up and subscribe to Appranix through the Azure Marketplace, follow the steps below. If you are an existing Appranix user in Azure, follow the same instructions but select SIGN IN instead of ...

    • AKS Prerequisites and Configuration

      Getting Started with Container Resilience for Azure Prerequisites 1. az, kubectl, curl executables on the bash terminal from where you will be running installation script 2. An Azure Blob Storage container with Storage Account Access Key to access ...