Edit me

Onboarding AWS Accounts to nOps with Terraform

nOps requires safe, secure, and AWS-approved access to your AWS accounts in order to give you the analysis, dashboards, and reports that you need. We only see what you want us to see in order to provide our services and we need you to give us permission first.

Prerequisites

  • Admin role permissions in AWS in order to add the AWS Payer and/or linked accounts to nOps using Terraform.

  • Access to the nOps public Github repository nOps Cloud Account Registration.

  • And API key generated from the nOps platform.

nOps Onboarding

When you log in to your nOps account for the first time, a pop-up screen will appear. This pop-up screen will guide you on how you can add your AWS account(s) to nOps:

  1. Select the IaaC Multiple Accounts Setup option and click Next.
  2. This section informs you of the prerequisites needed to complete the process. To generate an API key, click Proceed to Create API Key.

  3. In the Generate new API key section

    Enter:

    • An API key name

    • API Key description

  4. After you add all the information, click Generate.

At this point, it’s time to move to Terraform to finish the process.

Terraform for AWS Linked Accounts

nOps AWS Integration Terraform Module

https://github.com/nops-io/nops-integration/tree/main/platform/aws_setup_terraform#nops-aws-integration-terraform-module

Description

https://github.com/nops-io/nops-integration/tree/main/platform/aws_setup_terraform#description

This Terraform module automates the process of integrating your AWS account(s) with nOps, a cloud management and optimization platform. It streamlines the setup of necessary AWS resources and permissions, enhancing the onboarding experience for nOps users.

Features

https://github.com/nops-io/nops-integration/tree/main/platform/aws_setup_terraform#features

  • Automatic detection of existing nOps projects for the AWS accounts
  • Creation of new nOps projects if none exist
  • Handling of payer and linked AWS accounts
  • Automatic setup of IAM roles and policies for nOps integration
  • S3 bucket creation and configuration for payer accounts
  • Integration with nOps API for secure token exchange

Prerequisites

https://github.com/nops-io/nops-integration/tree/main/platform/aws_setup_terraform#prerequisites

  • Terraform v0.13+
  • AWS CLI configured with appropriate permissions
  • nOps API key

Usage

https://github.com/nops-io/nops-integration/tree/main/platform/aws_setup_terraform#usage

  1. Clone this repository:

  2. Create a terraform.tfvars file with your specific variables:

     aws_region = "us-west-2"
     api_key    = "your-nops-api-key"
     system_bucket_id = "your-system-bucket-id"
    
  3. Initialize Terraform:

     terraform init
    
  4. Plan and apply the Terraform configuration:

     terraform apply
    
  5. If you want to allow the role to be reconfigured:

     terraform apply -var="reconfigure=true"
    

After your Terraform apply has finished, your accounts should list within the nOps platform.

Troubleshooting

  • If you run this with an existing role, you may see an error like:

At which point you can run the command with the reconfigure variable set to true.

  • You can import the role to terraform state by running the following command

      terraform import aws_iam_role.nops_integration_role NopsIntegrationRole-xxxxx
    



Managing Karpenter Configurations With nOps IaC support
Managing Resources With Karpenter GitOps Support
Configuring ASGs by Tag
nOps Copilot-Managed ASGs
Compute Copilot For ASG Support Matrix
Onboarding your Autoscaling Groups to nOps Compute Copilot
Onboarding your Autoscaling Groups to nOps Compute Copilot via Stackset
Compute Copilot for ECS
Onboarding your EKS clusters to Copilot for EKS Cluster Autoscaler
EKS Insights Dashboard
Compute Copilot for EKS - Karpenter Beta Support
Onboarding your EKS clusters to Compute Copilot for EKS Karpenter
Minimum IAM permissions for the nOps platform
IAM permissions for the nOps platform
IAM permissions for Essentials
Commitment Management Permissions
Offboarding from the nOps platform
Onboarding Multiple AWS Linked Accounts with CloudFormation
Service Control Policies
Onboarding AWS with Automatic Setup
Onboarding AWS with 1-click CloudFormation
AWS SSO Integration
Azure SSO Integration
SSO Integration
Okta SSO Integration
OneLogin SSO Integration
Back to top       Home