AWS + Self Hosted OpsLevel
The Software-as-a-Service version of OpsLevel uses a IAM User that customers allow to assume a role in their AWS account when you configure the AWS Integration, self hosted OpsLevel requires an additional step before integrating with AWS where you need to create that user, hand the credentials to the OpsLevel application via environment variables and then during the standard setup you will be write a trust policy for this user you created instead of the SAAS OpsLevel IAM User.
The simplest way to create this new IAM User is using Terraform and we've provided an example Terraform configuration below.
resource "aws_iam_user" "opslevel-aws-integration" {
name = "terraform"
path = "/"
}
resource "aws_iam_access_key" "opslevel-aws-integration" {
user = aws_iam_user.opslevel-aws-integratio.name
}
resource "aws_iam_user_policy_attachment" "opslevel-aws-integration" {
user = aws_iam_user.opslevel-aws-integration.name
policy_arn = "arn:aws:iam::aws:policy/AssumeRolePolicy"
}
Once the new IAM User is available and you have the access and secret keys you give these to the helm chart like this.
integrations:
aws:
enabled: true
secret:
accessKey: "<YOUR ACCESS KEY>"
secretKey: "<YOUR SECRET KEY>"
Once you have made this update to your helm chart for opslevel and successfully deployed the application you can follow the typical steps outlined in our AWS Integration guide.
When you follow the standard AWS integration make sure you replace the user in the trust policy with the ARN from the user you just created above.
Updated 2 months ago