Installing a connector on AWS ECS using Terraform
Create a connector on Amazon Elastic Container Service
Connectors are secure on-prem components that link Apono and your resources:
No secrets are read, cached, or stored.
No account admin privileges need to be granted to Apono.
The connector contacts your secret store or key vault to sync data or provision access.
Once set up, this connector will enable you to sync data from cloud applications and grant and revoke access permissions through Amazon Elastic Container Service (ECS).
Prerequisites
AdministratorAccess role
Apono Token
Account-specific Apono authentication value. Use the following steps to obtain your token:
Click AWS > Install and Connect AWS Account > Terraform (ECS).
Copy the token listed on the page in step 1.
Virtual Private Cloud (VPC) ID
Subnet IDs
Terraform CLI
Install a connector
Use the following steps to install an Apono connector for AWS on ECS:
At the shell prompt, define an environment variable named TF_VAR_APONO_TOKEN with your Apono token value.
In a new or existing Terraform (.tf) file, add the following provider and module information to create a connector with permissions or without permissions.
When using the following snippets, be sure to use the correct value for assignPublicIp:
true: Set when a subnet has an Internet Gateway
false: Set when a subnet has a NAT Gateway
Enables installing the connector in the cloud environment and managing access to resources, such as Amazon RDS, S3 buckets, EC2 machines, and self-hosted databases
At the Terraform CLI, download and install the provider plugin and module.
Apply the Terraform changes. The proposed changes and a confirmation prompt will be listed.
Enter yes to confirm deploying the changes to your AWS account.
On the Connectors page, verify that the connector has been deployed.
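For the assignPublicIp choice in the install steps, the following added example (not part of Apono's documentation or module) derives the value from a subnet's route table instead of guessing. It goes slightly beyond the page by also handling subnets that implicitly use the VPC main route table and by failing loudly when the default route goes through neither gateway type. The function names and all IDs in the sample are constructed for illustration.

```python
# Constructed sample, shaped like the "RouteTables" list returned by
# `aws ec2 describe-route-tables --filters Name=vpc-id,Values=<vpc-id>`.
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"RouteTableId": "rtb-isolated",
     "Associations": [{"Main": False, "SubnetId": "subnet-ccc"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]


def route_table_for(subnet_id, route_tables):
    """Return the table explicitly associated with the subnet, else the main table."""
    main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def assign_public_ip(subnet_id, route_tables):
    """True if the subnet's default route uses an Internet Gateway, False if a NAT Gateway."""
    table = route_table_for(subnet_id, route_tables)
    if table is None:
        raise LookupError(f"no route table found for {subnet_id}")
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return True
        if route.get("NatGatewayId", "").startswith("nat-"):
            return False
    raise ValueError(f"{subnet_id}: default route uses neither an Internet Gateway nor a NAT Gateway")


if __name__ == "__main__":
    for subnet in ("subnet-aaa", "subnet-bbb"):
        print(subnet, "assignPublicIp =", str(assign_public_ip(subnet, SAMPLE_ROUTE_TABLES)).lower())
```

Run the check for every subnet ID passed to the module; if the results differ across subnets, a single assignPublicIp value cannot be correct for all of them.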
FAQ