Getting Started with AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef Automate lets you run a Chef Automate server in AWS. You can provision a Chef server in about 15 minutes.
The following walkthrough helps you create your first Chef server in AWS OpsWorks for Chef Automate.
First, create the resources outside of AWS OpsWorks for Chef Automate that you'll need to access and manage your Chef server. If you already have an AWS account set up, skip to Set Up a VPC.
Get an AWS Account and Your AWS Credentials
To access AWS, you will need to sign up for an AWS account.
To sign up for an AWS account
Open https://aws.amazon.com/, and then choose Create an AWS Account.
Follow the online instructions.
Part of the sign-up procedure involves receiving a phone call and entering a PIN using the phone keypad.
AWS sends you a confirmation e-mail after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to https://aws.amazon.com/ and clicking My Account/Console.
To get your access key ID and secret access key
Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. If you don't have access keys, you can create them by using the AWS Management Console.
To create access keys, you must have permissions to perform the required IAM actions. For more information, see Granting IAM User Permission to Manage Password Policy and Credentials in the IAM User Guide.
Open the IAM console.
In the navigation pane, choose Users.
Choose your IAM user name (not the check box).
Choose the Security Credentials tab and then choose Create Access Key.
To see your access key, choose Show User Security Credentials. Your credentials will look something like this:
Access Key ID: AKIAIOSFODNN7EXAMPLE
Secret Access Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Choose Download Credentials, and store the keys in a secure location.
Your secret key will no longer be available through the AWS Management Console; you will have the only copy. Keep it confidential in order to protect your account, and never email it. Do not share it outside your organization, even if an inquiry appears to come from AWS or Amazon.com. No one who legitimately represents Amazon will ever ask you for your secret key.
Set Up a VPC
Your AWS OpsWorks for Chef Automate server must operate in an Amazon Virtual Private Cloud. You can add it to an existing VPC, use the default VPC, or create a new VPC to contain the server. For information about Amazon VPC and how to create a new VPC, see the Amazon VPC Getting Started Guide.
If you create your own VPC, or use an existing one, the VPC should have the following settings or properties.
The VPC should have a single, public subnet.
DNS resolution should be enabled.
On the subnet, enable Auto-assign public IP.
If you are unfamiliar with creating VPCs or running your instances in them, you can run the following AWS CLI command to create a VPC, by using an AWS CloudFormation template that AWS OpsWorks provides for you. If you prefer to use the AWS Management Console, you can also upload the template to the AWS CloudFormation console.
aws cloudformation create-stack --stack-name OpsWorksVPC --template-url https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-vpc.yaml
Set Up an EC2 Key Pair (Optional)
An SSH connection is not necessary or recommended for typical management of the Chef
server; you can use
knife commands to perform most management tasks on your Chef
An EC2 key pair is required to connect to your server by using SSH in the event that you lose or want to change the sign-in password for the Chef Automate dashboard. You can use an existing key pair, or create a new key pair. For more information about how to create a new EC2 key pair, see Amazon EC2 Key Pairs.
If you don't need an EC2 key pair, you are ready to create a Chef server.