/admincentral-infra

Infrastructure for the AWS AdminCentral account

Apache License 2.0

Overview

Install, configure and manage the AWS AdminCentral account.

Instructions to create or update CF stacks

# Update CF stacks with sceptre:
# sceptre launch-stack prod <stack_name>

The above should set up resources for the AWS account. Once the infrastructure for the account has been set up, you can access and view the account using the AWS console.

Note - This project depends on CF templates from other accounts.

VPN Gateway

This account is set up to be the VPN Gateway. A VPC peering connection is required to allow the VPN access to other VPCs. To set up VPC peering from the VPN VPC to another VPC, run the following template.

set parameters in conf/prod/peering-bridge-prod.yaml
run 'sceptre launch-stack prod peering-bridge-prod'

The VPCPeer.yaml template should set up the VPC peering from the VPN VPC to the $PeerVPC in the account identified by $PeerAccountName. Run this template once for each VPC peering connection, giving each run a unique stack name.

Note - VPCPeer.yaml requires that the $PeerVPC be set up with the CrossAccountRoleTemplate.json template, which was added to the essentials.yaml template. An additional configuration step is required on the PeerVPC end to complete this setup: run the peer-route-config.yaml template.

Continuous Integration

We have configured Travis to deploy CF template updates. Travis deploys using sceptre.

Contributions

Issues

Builds

Secrets

  • We use AWS SSM to store secrets for this project. Sceptre retrieves the secrets using a Sceptre SSM resolver and passes them to the CloudFormation stack on deployment.
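
The secrets flow described above, shown as an added example that is not taken from this repository: a stack config that resolves a secret from SSM at deploy time, and a template that declares the receiving parameter with `NoEcho`. The file names, the parameter name `DbPassword`, the SSM path and the RDS resource are hypothetical, and the `!ssm` tag assumes the syntax of the sceptre-ssm-resolver plugin.

```yaml
# conf/prod/example-db.yaml (hypothetical Sceptre stack config)
template_path: templates/example-db.yaml
parameters:
  # Weak: a literal secret committed to the repository.
  # DbPassword: "constructed-plaintext-value"
  #
  # Corrected: only the SSM parameter path lives in git; the value is
  # fetched by the resolver when the stack is launched (assumed syntax).
  DbPassword: !ssm /admincentral/example/DbPassword

---
# templates/example-db.yaml (hypothetical CloudFormation template)
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  DbPassword:
    Type: String
    MinLength: 12
    # Without NoEcho the resolved secret is readable by anyone who can
    # call describe-stacks or view the stack's Parameters tab.
    # NoEcho masks the parameter value only; it does not mask the value
    # if it is copied into Outputs or Metadata.
    NoEcho: true
Resources:
  ExampleDb:
    Type: AWS::RDS::DBInstance
    Properties:
      Engine: postgres
      DBInstanceClass: db.t3.micro
      AllocatedStorage: "20"
      StorageEncrypted: true
      MasterUsername: exampleadmin
      MasterUserPassword: !Ref DbPassword
```

Because the resolver hands the secret to CloudFormation as an ordinary stack parameter, the deploy role used by CI needs read access to the SSM path, and every secret-bearing parameter in the templates should carry `NoEcho: true`.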