Get started with Amazon Managed Workflows for Apache Airflow
Amazon Managed Workflows for Apache Airflow uses the Amazon VPC, DAG code and supporting files in your Amazon S3 storage bucket to create an environment. This chapter describes the prerequisites and AWS resources needed to get started with Amazon MWAA.
Topics
Prerequisites
To create an Amazon MWAA environment, you may want to take additional steps to ensure you have permission to the AWS resources you need to create.
-
AWS account – An AWS account with permission to use Amazon MWAA and the AWS services and resources used by your environment.
About this guide
This section describes the AWS infrastructure and resources you'll create in this guide.
-
Amazon VPC – The Amazon VPC networking components required by an Amazon MWAA environment. You can configure an existing VPC that meets these requirements (advanced) as seen in About networking on Amazon MWAA, or create the VPC and networking components, as defined in Create the VPC network.
-
Amazon S3 bucket – An Amazon S3 bucket to store your DAGs and associated files, such as
plugins.zipandrequirements.txt. Your Amazon S3 bucket must be configured to Block all public access, with Bucket Versioning enabled, as defined in Create an Amazon S3 bucket for Amazon MWAA. -
Amazon MWAA environment – An Amazon MWAA environment configured with the location of your Amazon S3 bucket, the path to your DAG code and any custom plugins or Python dependencies, and your Amazon VPC and its security group, as defined in Create an Amazon MWAA environment.
Before you begin
To create an Amazon MWAA environment, you may want to take additional steps to create and configure other AWS resources before you create your environment.
To create an environment, you need the following:
-
AWS KMS key – An AWS KMS key for data encryption on your environment. You can choose the default option on the Amazon MWAA console to create an AWS owned key when you create an environment, or specify an existing Customer managed key with permissions to other AWS services used by your environment configured (advanced). To learn more, see Using customer managed keys for encryption.
-
Execution role – An execution role that allows Amazon MWAA to access AWS resources in your environment. You can choose the default option on the Amazon MWAA console to create an execution role when you create an environment. To learn more, see Amazon MWAA execution role.
-
VPC security group – A VPC security group that allows Amazon MWAA to access other AWS resources in your VPC network. You can choose the default option on the Amazon MWAA console to create a security group when you create an environment, or provide a security group with the appropriate inbound and outbound rules (advanced). To learn more, see Security in your VPC on Amazon MWAA.
Available regions
Amazon MWAA is available in the following AWS Regions.
-
Europe (Stockholm) - eu-north-1
-
Europe (Frankfurt) - eu-central-1
-
Europe (Zurich) - eu-central-2
-
Europe (Ireland) - eu-west-1
-
Europe (London) - eu-west-2
-
Europe (Paris) - eu-west-3
-
Europe (Milan)- eu-south-1
-
Europe (Spain) - eu-south-2
-
Asia Pacific (Mumbai) - ap-south-1
-
Asia Pacific (Hyderabad) - ap-south-2
-
Asia Pacific (Singapore) - ap-southeast-1
-
Asia Pacific (Sydney) - ap-southeast-2
-
Asia Pacific (Jakarta) - ap-southeast-3
-
Asia Pacific (Melbourne) - ap-southeast-4
-
Asia Pacific (Tokyo) - ap-northeast-1
-
Asia Pacific (Seoul) - ap-northeast-2
-
Asia Pacific (Osaka) - ap-northeast-3
-
Asia Pacific (Hong Kong) - ap-east-1
-
US East (N. Virginia) - us-east-1
-
US East (Ohio) - us-east-2
-
US West (N. California) - us-west-1
-
US West (Oregon) - us-west-2
-
Canada (Central) - ca-central-1
-
Canada West (Calgary) - ca-west-1
-
South America (São Paulo) - sa-east-1
-
Africa (Cape Town) - af-south-1
-
Israel (Tel Aviv) - il-central-1
-
Middle East (Bahrain) - me-south-1
-
Middle East (UAE) - me-central-1
What's next?
-
Learn how to create an Amazon S3 bucket in Create an Amazon S3 bucket for Amazon MWAA.
