AWS (Amazon Web Services) is one of the world's largest cloud providers with the maturity and service offerings necessary to help innovate in cloud.
The AWS Cloud Provider plugin allows you to model extensible cloud blueprints that leverage the power of the AWS platform. Drag and drop compute, network and common services (such as load balancing), as well as AWS-specific services such as RDS, to build powerful outcomes for your organisation.
Plugin Features
The following table lists the features provided by this plugin.
Feature | Description |
Accounts | Ability to add AWS as a cloud provider. Refer to the article Managing Service Provider Accounts |
Blueprint Nodes | AWS specific nodes appear in the blueprint canvas. Refer to the article Blueprint Composer Nodes - AWS |
Enabling the Plugin
- Log in to the Broker UI as an administrative user
- Navigate to Admin > Plugins
- Locate the Amazon Web Services plugin tile - this appears under the Cloud Providers section
- If not already enabled, click the ellipses and select Enable
Note: The plugin may be enabled in a warning state if there are no provider accounts created. This is expected if this is the first time the plugin has been enabled.
- If required, add AWS accounts
- Click the Amazon Web Services plugin tile
Settings
The Settings tab lists the configuration parameters for the plugin.
The following table lists the available parameters and their functions.
Section | Setting | Description |
Regions | Region Exclusion List | A comma-separated list of AWS region codes which will always be excluded from use. Default: aws-us-gov-global,us-gov-west-1,aws-global,aws-cn-global,cn-north-1,cn-northwest-1 |
Advanced | Windows Remote Access Protocol | The selected method of managing deployed Windows virtual machine instances. |
Named Security Groups
Named Networks allows friendly names to be assigned to security groups.
As security groups are unique to each AWS VPC, named security groups are mapped to security group IDs within a VPC, allowing the flexibility of using a single blueprint to be deployed across multiple environments. Using Named Networks also allows virtual machine instances within a blueprint to be attached to multiple security groups.
Where a blueprint doesn't use Named Security Groups, a deployment security group will be created with default management ports allowed.
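The fallback deployment security group is worth auditing after a deployment. The following is an added example, not part of the plugin or its documentation: it scans the "SecurityGroups" list returned by `aws ec2 describe-security-groups` for management ports reachable from any address. The port set (SSH, RDP, WinRM) is an assumption, since this page does not list the default management ports, and the sample groups are constructed.

```python
import ipaddress

# Assumption: the page does not name the default management ports;
# SSH, RDP and WinRM are used here as typical choices.
MGMT_PORTS = {22: "SSH", 3389: "RDP", 5985: "WinRM-HTTP", 5986: "WinRM-HTTPS"}

def _is_world(cidr):
    """True for 0.0.0.0/0 and ::/0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def exposed_mgmt_rules(security_groups):
    """Return sorted (group_id, service, cidr) for management ports open to any address."""
    findings = set()
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto == "-1":
                # "-1" means all protocols and all ports; the port fields are not meaningful.
                lo, hi = 0, 65535
            elif proto == "tcp":
                lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in filter(_is_world, cidrs):
                for port, name in MGMT_PORTS.items():
                    if lo <= port <= hi:
                        findings.add((sg["GroupId"], name, cidr))
    return sorted(findings)

# Constructed sample in the shape of describe-security-groups output.
SAMPLE = [
    {"GroupId": "sg-deploy-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 5985, "ToPort": 5986,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-open-example", "IpPermissions": [
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for group_id, service, cidr in exposed_mgmt_rules(SAMPLE):
        print(f"{group_id}: {service} reachable from {cidr}")
```

Groups flagged here are candidates for replacement with a Named Security Group mapped to a reviewed security group in each VPC.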
The following management operations are available for Named Security Groups:
- Add
- View
- Remove
Example
In this example, the following two Named Security Groups have been created:
- Web Tier Security Group
- Database Tier Security Group
The named security groups are mapped to existing security groups within the AWS VPCs.
The blueprint is designed to deploy two Windows VMs - one of which can now be attached to the Web Tier Security Group Named Security Group, and the other attached to the Database Tier Security Group Named Security Group.
The blueprint also configures the Security Group nodes to use Named Security Groups.
Name Generation
Name Generators are templates which control how deployed resources are named. Refer to the article Managing Name Generators for more information and detailed steps in managing Name Generators.
The following resource types are supported by Name Generators for AWS:
- Virtual Machines
  - Linux
  - Windows
- Security Groups
- Network Load Balancers
Click the View button to review and select the Name Generator to use for the selected resource type.
The <DEFAULT> naming of resources uses the following template for name generation:
D${Deployment.id}-${Node.name}