Documentation
Prepare to Deploy a Management Cluster to AWS ¶
This topic explains how to prepare your environment before you deploy a management cluster to Amazon Web Services (AWS).
To enable Tanzu Community Edition VMs to launch on Amazon EC2, you must configure your AWS account credentials and then provide the public key part of an SSH key pair to Amazon EC2 for every region in which you plan to deploy a management cluster.
Before you begin ¶
- Ensure the the Tanzu CLI is installed locally on the bootstrap machine. See Install the Tanzu CLI.
- Install
jq
locally on the bootstrap machine. The AWS CLI usesjq
to process JSON when creating SSH key pairs. - Install the AWS CLI
- Ensure you have an active AWS account.
- Review the reference information for your AWS account here: Reference information for AWS Account.
Procedure ¶
To configure your AWS account credentials and SSH key pair, perform the following steps:
Create an access key and access key secret for your active AWS account. For more information, see AWS Account and Access Keys in the AWS documentation.
Configure AWS credentials using one of the following methods:
a. Set local environment variables on your local bootstrap machine. To use local environment variables, you specify your AWS account credentials statically in local environment variables. Set the following environment variables for your AWS account:
export AWS_ACCESS_KEY_ID=aws_access_key export AWS_SECRET_ACCESS_KEY=aws_access_key_secret export AWS_REGION=aws_region
or
b. Configure a credentials profile using the
AWS configure
command. RunAWS configure
and enter your access key, access key secret, and region. For more information, see Configuring the AWS CLI.For each region that you plan to use with Tanzu Community Edition, create a named key pair, and output a
.pem
file that includes the name. For example, the following command usesdefault
and saves the file asdefault.pem
:aws ec2 create-key-pair --key-name default --output json | jq .KeyMaterial -r > default.pem
To create a key pair for a region that is not the default in your profile, or set locally as
AWS_DEFAULT_REGION
, include the--region
option.Log in to your Amazon EC2 dashboard and go to Network & Security > Key Pairs to verify that the created key pair is registered with your account.
Create an AWS profile, for more information, see Profiles in the AWS documentation.