- Creating a Secret Key Pair in AWS
- Logging in with AWS CLI
- Creating an SSL certificate
- Manually resource cleaning (if deployment fails or you need to remove items)
Resources Created During Deployment
If you do want to restrict the permissions, the following list of resources is created during the deployment process:- An S3 bucket to keep Terraform state files;
- DynamoDB table to manage Terraform state files leases;
- An SSH keypair (or you can choose to use one which was already created), this is used with any EC2 hosts;
- A VPC containing all of the resources provisioned;
- A public subnet for the app servers, and a private subnet for the database (and Redis for now);
- An internet gateway to provide internet access for the VPC;
- An ALB which exposes the app server HTTPS endpoints to the world;
- A security group to lock down ingress to the app servers to 80/443 + SSH;
- A security group to allow the ALB to talk to the app servers;
- A security group to allow the app servers access to the database;
- An internal DNS zone;
- A DNS record for the database;
- An autoscaling group and launch configuration for each chain;
- A CodeDeploy application and deployment group targeting the corresponding autoscaling groups.
This instruction was moved from https://forum.poa.network/t/aws-settings-for-blockscout-terraform-deployment/1962