AWS resource (account, VPC, EC2) management client library using the AWS JavaScript SDK.
AWS Control Tower is a feature for managing other AWS accounts (see AWS Control Tower Overview).
This is just a basic resource management library: you can provision a sub account -> a VPC with one subnet -> an EC2 instance with a public IP.
AWS Control Tower setup is optional; you can modify `getCrossAccountCredentials` (`src/utils/helper.js`) to bypass Control Tower.
- AWS account (root account)
- AWS Control Tower: when you create a sub AWS account, it will be registered under this Control Tower (root account)
- AWS access keys: for this app to access all these accounts and account resources
- When you create AWS Control Tower, you can easily find most of the information for `.env`, except one value: `AWS_ACCOUNT_FACTORY_PRODUCT_PATH_ID`. For this, you will need to call `getServiceCatalogProductLaunchPaths` from `account_manager.js`; the result will give you the path id.

If you don't need AWS Control Tower and want to manage resources directly in the root AWS account, change some code in `getCrossAccountCredentials` in `utils/helper.js`.
- creates a sub AWS account
  a. it may take an hour or so; use `getProvisionedProduct` and wait until its status becomes `AVAILABLE`
  b. once it's `AVAILABLE`, you will notice it has a default VPC in all regions; you can use `cleanupDefaultVpcs` to delete them
- creates a VPC with a specific CIDR block (ex. 10.0.0.0/24) in a region
- in that VPC, it creates one subnet and one internet gateway
- creates a few security groups
  a. allow HTTP, HTTPS
  b. allow SSH from a specific IP (such as your computer)
- imports an SSH key so your computer can access an EC2 instance
- creates an EC2 instance with a public IP
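
The two security groups described above (HTTP/HTTPS open, SSH limited to one address), as an added example that is not this library's own code: it builds the `IpPermissions` arrays accepted by EC2's `AuthorizeSecurityGroupIngress` and audits a rule set for world-open SSH. The function names and the sample address are assumptions.

```javascript
// Added example: builds IpPermissions for EC2 AuthorizeSecurityGroupIngress.
// Function names and the sample address are assumptions, not this library's API.
const ANYWHERE = '0.0.0.0/0';

// Parse a dotted-quad IPv4 address; throws on anything else (including CIDR input).
function parseIpv4(ip) {
  const parts = String(ip).trim().split('.');
  const ok = parts.length === 4 && parts.every((p) => /^(0|[1-9]\d{0,2})$/.test(p) && Number(p) <= 255);
  if (!ok) throw new Error(`not an IPv4 address: ${ip}`);
  return parts.join('.');
}

// Group (a): HTTP and HTTPS from anywhere.
function webIngress() {
  return [80, 443].map((port) => ({
    IpProtocol: 'tcp', FromPort: port, ToPort: port,
    IpRanges: [{ CidrIp: ANYWHERE, Description: port === 80 ? 'http' : 'https' }],
  }));
}

// Group (b): SSH from exactly one host; the address is always pinned to /32.
function sshIngress(adminIp) {
  const ip = parseIpv4(adminIp);
  if (ip === '0.0.0.0') throw new Error('refusing to open SSH to 0.0.0.0');
  return [{
    IpProtocol: 'tcp', FromPort: 22, ToPort: 22,
    IpRanges: [{ CidrIp: `${ip}/32`, Description: 'ssh from admin workstation' }],
  }];
}

// Audit: return the rules that expose any port in `ports` to every IPv4 or IPv6 source.
function worldOpen(permissions, ports = [22]) {
  return permissions.filter((p) => {
    const open = (p.IpRanges || []).some((r) => r.CidrIp === ANYWHERE)
      || (p.Ipv6Ranges || []).some((r) => r.CidrIpv6 === '::/0');
    const allProtocols = p.IpProtocol === '-1'; // '-1' means every protocol and port
    return open && (allProtocols || ports.some((port) => p.FromPort <= port && port <= p.ToPort));
  });
}

// Constructed sample: 203.0.113.10 is a documentation address (RFC 5737).
const planned = [...webIngress(), ...sshIngress('203.0.113.10')];
console.log(JSON.stringify(planned, null, 2));
console.log('world-open SSH rules:', worldOpen(planned).length);
```
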
- copy the `.env.example` file and create an env file, `.env`
- fill in `.env` accordingly (you can find some of the env variable info in AWS Service Catalog)
- generate an SSH key pair (private, public; ed25519 recommended) in the `ssh` folder (in this project)
- feel free to take a look at the sample code in `sample/sample.js`