Skip to content

AWS Provisioning

Provisioning strategy

  • The same ansible scripts are used by all environments. Differences between environments is handled by configuration.

  • Limit flexibility and prioritize the recommended setup.

Infrastructure

  • Create servers, Amazon Linux
  • Micro installation: 1 micro server (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend, UseradminWebApp)
  • Normal installation: 2 micro servers HA (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend),1 small server (UseradminWebApp)

  • Normal On-premise admin installation: 2 micro servers HA (SSOLoginWebApp, SecurityTokenService, UserAdminService), 1 small server (UserIdentityBackend),On premise server (UseradminWebApp)

  • Set up firewalls

  • DMZ sone (SSOLoginWebApp, SecurityTokenService, UserAdminService)

  • Secure Vault (UserIdentityBackend, UseradminWebApp)

  • Install OpenLDAP for UIB on Ubuntu

  • Amazon RDS for PostgreSQL

Whydah core

  • Properties, config_override

  • HTTPS only, Certificates

  • HA, HazelCast

  • Import from CSV

TODO

  1. Remove import.enabled
  2. Always run import functionality. Add missing data, never overwrite or remove.
  3. Do not delete anything by default