Cloud integrations (AWS)
ReleaseHub integrates with your favorite cloud provider(s)! This is the first step in building out a self-hosted cluster in the cloud provider account of your choice.
To set up a Kubernetes (EKS) cluster in your AWS account using ReleaseHub, you first need to create an integration between ReleaseHub and your AWS account.
Navigate to the Account Settings screen by clicking the Account Settings icon in the upper right corner of the window. Select the Clusters tab and click the Create New Cloud Provider Integration button.
Create a new cloud provider integration
- Select "Amazon" under "Cloud Integration Provider".
- Choose a name for your integration (something like "Production" or "Preproduction", depending on what you are going to run in this cloud account).
- Press Create Provider Integration.
This will create a new integration under your Clusters tab. Note that this is just a placeholder integration when you first create it as you haven't yet authenticated with AWS.
Once you've created the integration, you can authenticate your AWS account by navigating to the integration and pressing the Launch Stack button. This will create the required IAM role in your AWS account to allow ReleaseHub to carry out actions on your behalf in AWS. Note that this is just an integration stack and it will not yet create a cluster or set up any compute resources in your AWS account.
Launch a new AWS Cloudformation Stack
In a new window, you'll be prompted to sign into your AWS account to complete the integration. You should use an account with sufficient privileges to create new IAM roles, create and destroy Route 53 records, create and destroy EKS clusters and associated resources, and manage any other AWS services you wish to use with ReleaseHub.
We recommend you use AWS Organizations to create a sub-account to deploy your AWS resources into. This ensures a safe boundary between ReleaseHub clusters and infrastructure and any other application infrastructure you may be testing or using, especially in development or test environments. This may align with your company policies on auditing, billing, and business units. Using an isolated sub account can also prevent any unintended consequences in your production or mission-critical accounts. Feel free to ask us any questions or concerns you may have about account permissions and boundaries.
Many customers deploy ReleaseHub clusters into their production accounts to run their production workloads. The above recommendation for using an isolated sub account still applies if this is your first time integrating with ReleaseHub. We recommend a "crawl-walk-run" iterative approach when approaching large problems.
Please make sure you use the correct account where ReleaseHub will deploy your cluster (for example, preproduction clusters should be created in your "development" or "staging" AWS account, not in your "production" account).
Create AWS Stack
Most users will not change or alter the parameters. In particular, the AccountID, ExternalID, and Integration URL are set by ReleaseHub and should not be edited. The Permissions Boundary ARN is explained in Permissions boundaries. You should not add a Permissions Boundary unless you have talked with ReleaseHub first to verify the permissions restrictions will not break anything. If this is your first time running the AWS integration, you should not add a permissions boundary until after your cluster(s) have been created.
Within 2-3 minutes, the stack should appear in the integration page. You can use the refresh button on the right to view the status of each component of the integration stack, and the refresh button on the left to view the overall status of the stack.
A successful cloudformation integration run finished
Once the stack status is "Complete", you can navigate back to your ReleaseHub account.
Under "Cloud Provider Integration Info" on the Clusters tab, you should now see your AWS account ID, as in the image below. This indicates that ReleaseHub has successfully pulled information from your AWS account and the integration is up and running.
A successful cloudformation integration run finished
Last modified 3mo ago