Connecting the blueprint design server to Amazon Web Services
To connect the blueprint design server to Amazon Web Services (AWS), map the AWS account information to a functional ID. Then, assign that functional ID to a team.
- Obtain a Heat engine and an OpenStack Keystone server. The engine version must match the version of the Keystone server. In most cases for deploying to non-OpenStack clouds, install a Heat engine and Keystone server through IBM® UrbanCode® Deploy. See Installing an engine in silent mode or Installing an engine in interactive mode.
- Create a functional user account on the Keystone server. This user account
must be a member of the administrative tenant on the Keystone server. If you use the Keystone server
that was supplied with the engine, you can use the default administrative tenant credentials. The Keystone server's
default administrative tenant user name is
admin
and the default password isopenstack1
. Later, you associate the AWS account information with this functional ID. With this account, users can authenticate to AWS. - Install the blueprint design server. See Installing the blueprint design server.
- Connect the blueprint design server to the server. See Connecting the blueprint design server to the server.
- Configure an authentication realm for the blueprint design server. You can import users from a variety of sources, including LDAP servers, Keystone identity services, the IBM UrbanCode Deploy server, or from the internal authentication realm. See Creating authentication realms for the blueprint designer.
- Ensure that the blueprint design server can connect to AWS. You can verify the connection path
with the curl or telnet commands. For example, make sure that
no firewall, proxy, or security settings prevent communication between the blueprint design server
and the cloud. The blueprint design server must be able to access the AWS endpoints for the regions
that you plan to use, such as
ec2.ap-northeast-1.amazonaws.com
andec2.us-west-2.amazonaws.com
.