Launch the stack
This automated AWS CloudFormation template deploys Workload Discovery on AWS in the AWS Cloud. You must gather deployment parameter details before launching the stack. For details, refer to Prerequisites.
Time to deploy: Approximately 30 minutes
-
Sign in to the AWS Management Console
and select the button to launch the workload-discovery-on-aws.templateAWS CloudFormation template.
-
The template launches in the US East (N. Virginia) Region by default. To launch the solution in a different AWS Region, use the Region selector in the console navigation bar.
Note
This solution uses services that are not available in all AWS Regions. Refer to Supported AWS Regions for a list of supported AWS Regions.
-
On the Create stack page, verify that the correct template URL is in the Amazon S3 URL text box, and choose Next.
-
On the Specify stack details page, assign a name to your solution stack. For information about naming character limitations, refer to IAM and AWS STS quotas in the AWS Identity and Access Management User Guide.
-
Under Parameters, review the parameters for this solution template and modify them as necessary. This solution uses the following default values.
| Parameter | Default | Description |
|---|---|---|
| AdminUserEmailAddress |
<Requires input>
|
An email address to create the first user. The temporary credentials will be sent to this email address. |
| AlreadyHaveConfigSetup |
|
Confirmation of whether or not you already have AWS Config set up in the deployment account. For details, refer to Prerequisites. |
| AthenaWorkgroup |
|
The workgroup that will be used to issue the Athena query when the Cost feature is enabled. |
| ApiAllowListedRanges |
|
Comma separated list of CIDRs to manage access to the AppSync GraphQL API. To
allow the entire internet, use 0.0.0.0/1,128.0.0.0/1. If restricting access to
specific CIDRs, you must also include the IP addresses (and a subnet mask of /32) of
the NAT gateways that allow the discovery process ECS task running in its private
subnet to access the internet. NoteThis allow list does not govern access to the WebUI, only the GraphQL API. |
| CreateNeptuneReplica |
|
Choose whether to create a read replica for Neptune in a
separate Availability Zone. Choosing Yes improves
resilience but increases the cost of this solution.
|
| CreateOpenSearchServiceRole |
|
Confirmation of whether or not you already have a service-linked role for Amazon OpenSearch Service. For details, refer to Prerequisites. |
| NeptuneInstanceClass |
|
The instance type used to host the Amazon Neptune database. What you select here affects the cost of running this solution. |
| OpensearchInstanceType |
|
The instance type used for your OpenSearch Service data nodes. Your selection affects the cost of running the solution. |
| OpensearchMultiAz |
|
Choose whether to create an OpenSearch Service cluster
that spans multiple Availability Zones. Choosing Yes
improves resilience but increases the cost of this
solution.
|
| CrossAccountDiscovery |
|
Choose whether Workload Discovery on AWS or AWS Organizations manages the importing of accounts. The value
can be SELF_MANAGED or AWS_ORGANIZATIONS.
|
| OrganizationUnitId | <Optional input> |
The root organization unit ID. This parameter is only used
when
CrossAccountDiscovery
is set to AWS_ORGANIZATIONS.
|
| AccountType |
|
The type of AWS Organizations account to install Workload
Discovery on AWS in. This parameter is only used when
CrossAccountDiscovery
is set to AWS_ORGANIZATIONS. For details, refer to
Choosing
the deployment account.
|
| ConfigAggregatorName | <Optional input> |
The AWS Organization-wide Config aggregator to use. You
must install the solution in the same account and Region
as this aggregator. If you leave this parameter blank, a
new aggregator will be created. This parameter is only
used when
CrossAccountDiscovery
is set to AWS;_ORGANIZATIONS.
|
| CpuUnits |
|
The number of CPUs to allocate for the Fargate task that the discovery process runs in. |
| Memory |
|
The amount of memory to allocate for the Fargate task that the discovery process runs in. |
| DiscoveryTaskFrequency |
|
The time interval between every run of the discovery process ECS task. |
| MinNCUs |
|
Minimum
Neptune
Capacity Units (NCUs) to be set on the Neptune
cluster (must be less than or equal to
MaxNCUs). Required if
DBInstance type is db.serverless.
|
| MaxNCUs |
|
Maximum NCUs to be set on the Neptune cluster (must be
greater than or equal to
MinNCUs). Required if
DBInstance type is db.serverless.
|
| VpcId | <Optional input> | The ID of an existing VPC for the solution to use. If you leave this parameter blank, a new VPC will be provisioned. |
| VpcCidrBlock | <Optional input> | The VPC CIDR block of the VPC referenced by the VpcId parameter. This parameter is only used if the VpcId parameter is set. |
| PrivateSubnet0 | <Optional input> | The private subnet you wish to use. This parameter is only used if the VpcId parameter is set. |
| PrivateSubnet1 | <Optional input> | The private subnet you wish to use. This parameter is only used if the VpcId parameter is set. |
-
Choose Next.
-
On the Configure stack options page, choose Next.
-
On the Review page, review and confirm the settings. Select the boxes acknowledging that the template creates IAM resources and require certain capabilities.
-
Choose Create stack to deploy the stack.
You can view the status of the stack in the AWS CloudFormation Console in the Status column. You should receive a CREATE_COMPLETE status in approximately 30 minutes.
Note
If deleted, this stack removes all resources. If the stack is updated, it retains the Amazon Cognito user pool to ensure that configured users aren’t lost.
