Pre-requisites for EKS Clusters On-boarding

Pre-requisites for EKS Clusters On-boarding

For on-boarding EKS Clusters in Appranix, following are the pre-requisites,

Create S3 bucket

Appranix requires an object storage bucket to store backups in, unique to a single Kubernetes cluster.
Create an S3 bucket, replacing placeholders appropriately:

BUCKET=<YOUR_BUCKET>
REGION=<YOUR_REGION>
aws s3api create-bucket \
    --bucket $BUCKET \
    --region $REGION \
    --create-bucket-configuration LocationConstraint=$REGION

Create IAM user

  1. Create the IAM user:

    aws iam create-user --user-name <user-name>
    

    For backup of multiple clusters with multiple S3 buckets, create a unique username per cluster.

  2. Attach policies to give Appranix the necessary permissions:

    cat > appranix-policy.json <<EOF
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "ec2:DescribeVolumes",
                    "ec2:DescribeSnapshots",
                    "ec2:CreateTags",
                    "ec2:CreateVolume",
                    "ec2:CreateSnapshot",
                    "ec2:DeleteSnapshot"
                ],
                "Resource": "*"
            },
            {
                "Effect": "Allow",
                "Action": [
                    "s3:GetObject",
                    "s3:DeleteObject",
                    "s3:PutObject",
                    "s3:AbortMultipartUpload",
                    "s3:ListMultipartUploadParts"
                ],
                "Resource": [
                    "arn:aws:s3:::${BUCKET}/*"
                ]
            },
            {
                "Effect": "Allow",
                "Action": [
                    "s3:ListBucket"
                ],
                "Resource": [
                    "arn:aws:s3:::${BUCKET}"
                ]
            }
        ]
    }
    EOF
    
    aws iam put-user-policy \
      --user-name <user-name> \
      --policy-name <policy-name> \
      --policy-document file://appranix-policy.json
    
  3. Create an access key for the user:

    aws iam create-access-key --user-name <user-name>
    

    The result should look like:

    {
      "AccessKey": {
            "UserName": "<user-name>",
            "Status": "Active",
            "CreateDate": "2022-01-31T12:21:11.516Z",
            "SecretAccessKey": <AWS_SECRET_ACCESS_KEY>,
            "AccessKeyId": <AWS_ACCESS_KEY_ID>
      }
    }
    

    • Related Articles

    • Will Appranix automatically associate Application Loadbalancer to the right Targets in a pre-created VPC recovery?

      AWS Application Loadbalancer Supports the following Target Types Instance ID IP Address Lambda On a pre-created VPC recovery, 1. Instance ID:   Yes, Appranix automatically maps the target type to the recovered instance ID in the pre-created VPC. 2. ...
    • Application Resilience - DIY vs using Appranix

      In Appranix, we speak and educate our prospective customers about achieving Application Resilience by a cloud-native approach. One common question that few of our customers ask us is,"We have our infrastructure maintained with Terraform or any other ...
    • How to subscribe to Appranix from Azure Marketplace?

      Appranix is now available in the Azure Marketplace. To set up and subscribe to Appranix through the Azure Marketplace, follow the steps below. If you are an existing Appranix user in Azure, follow the same instructions but select SIGN IN instead of ...
    • DNS Update using Appranix Extension - Post Recovery webhook

      Hi , Appranix-extension for updating the DNS post recovery link is given below. This can be configured in your AWS account as a lambda function and configured to be triggered by Appranix post-recovery web-hook. ...
    • How to Create user account in Appranix?

      Steps to create a new IAM user account From the Appranix left navigation menu, choose “IAM” and select “Users” under its sub-menu. Choose “CREATE USER ACCOUNT” to create a new user Enter the “First name,” “Last name,” “Email ID,” and “Username.” ...