AWS Client Stack

CAM does not store, nor take possession of, the organization’s documents at any point. CAM only stores metadata about the documents, workspaces, sites, Teams, channels and folders. Whenever document storage is required, either temporarily using ETL or for longer term with Business Continuity, it uses a cloud storage bucket controlled by the organization. Prosperoware provides a small piece of code to be configured on that cloud storage bucket to provide the integration needed for content sync or storage. Currently we support AWS S3 buckets as an option, but we plan to support Azure as an alternative.

...

1. Create SQS Queues

Create 2 SQS queues manually as follows:

  1. contentsync-prod-job-process-v1

     Description:

       • Standard Queue
       • Receive Message Wait Time: 0 seconds
       • Message Retention Period: 14 days
       • Maximum Message Size: 256 kB
       • Don't use redrive policy
       • Don't use SSE (Server-Side Encryption)
       • Delivery Delay: 0 seconds
       • Default Visibility Timeout: 16 minutes

  2. contentsync-prod-etl-process-v1

     Description:

       • Standard Queue
       • Receive Message Wait Time: 0 seconds
       • Message Retention Period: 14 days
       • Maximum Message Size: 256 kB
       • Don't use redrive policy
       • Don't use SSE (Server-Side Encryption)
       • Delivery Delay: 0 seconds
       • Default Visibility Timeout: 16 minutes
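
The console settings above are stated in days, minutes and kB, while the SQS API reports seconds and bytes. The following check is an added example, not part of the original page or of Prosperoware's scripts: it compares the JSON printed by `aws sqs get-queue-attributes` with the settings listed above. The function name `check_queue`, the sample documents, and the reading of 256 kB as 262144 bytes are assumptions.

```python
import json

# Settings from the queue description above, converted to the units the SQS
# API reports (seconds and bytes). Assumption: "256 kB" means 262144 bytes.
EXPECTED = {
    "ReceiveMessageWaitTimeSeconds": 0,        # Receive Message Wait Time
    "MessageRetentionPeriod": 14 * 24 * 3600,  # 14 days
    "MaximumMessageSize": 256 * 1024,          # 256 kB
    "DelaySeconds": 0,                         # Delivery Delay
    "VisibilityTimeout": 16 * 60,              # 16 minutes
}

def check_queue(attrs_json):
    """Return the deviations from the page's settings; an empty list is a match."""
    attrs = json.loads(attrs_json)["Attributes"]
    issues = []
    for name, want in EXPECTED.items():
        got = attrs.get(name)
        if got is None or int(got) != want:
            issues.append(f"{name}: expected {want}, found {got}")
    # Only FIFO queues report FifoQueue; standard queues omit the attribute.
    if attrs.get("FifoQueue") == "true":
        issues.append("FifoQueue: expected a standard queue")
    if "RedrivePolicy" in attrs:
        issues.append("RedrivePolicy: set, page says no redrive policy")
    # SSE appears as a KMS key id (SSE-KMS) or SqsManagedSseEnabled=true (SSE-SQS).
    if attrs.get("KmsMasterKeyId") or attrs.get("SqsManagedSseEnabled") == "true":
        issues.append("SSE: enabled, page says not to use SSE")
    return issues

# Constructed samples in the shape of
# `aws sqs get-queue-attributes --queue-url <url> --attribute-names All`.
SAMPLE_MATCH = json.dumps({"Attributes": {
    "ReceiveMessageWaitTimeSeconds": "0", "MessageRetentionPeriod": "1209600",
    "MaximumMessageSize": "262144", "DelaySeconds": "0",
    "VisibilityTimeout": "960", "SqsManagedSseEnabled": "false"}})
SAMPLE_DRIFT = json.dumps({"Attributes": {
    "ReceiveMessageWaitTimeSeconds": "0", "MessageRetentionPeriod": "345600",
    "MaximumMessageSize": "262144", "DelaySeconds": "0",
    "VisibilityTimeout": "30", "SqsManagedSseEnabled": "true"}})

if __name__ == "__main__":
    for label, doc in (("match", SAMPLE_MATCH), ("drift", SAMPLE_DRIFT)):
        print(label, check_queue(doc) or "OK")
```

Run it once per queue, passing the saved CLI output for each queue to `check_queue`.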

2. Create S3 Buckets

Create 2 buckets manually:

content-sync-configuration-$subdomain - This bucket is used to share the AWS setup script with the user.

$subdomain-prosperoware-io-encrypted-bucket - This bucket is used to store the client's content. Set default encryption to AES-256.

Note: Replace $subdomain with your subdomain name.

3. Create VPC

  • Prosperoware will share the scripts to create the VPC.

  • The scripts will be available for download at content-sync-configuration-$subdomain/vpc-configuration/.

  • Configure the AWS CLI. Follow the instructions provided by AWS: AWS CLI.

  • Execute the command below on the terminal to create the VPC:

      sh deploy.script create-stack --region us-east-1

Note: --region specifies which AWS Region to send this command's AWS request to.

4. Create Security Group for Lambda

  1. Head over to the VPC console.

  2. Under Security Groups, click Create Security Group:

  • Set the security group name to Lambda-SG.

  • Select the VPC created in the previous step.

  • Add inbound and outbound rules for All Traffic, with Source 0.0.0.0/0 (inbound) and Destination 0.0.0.0/0 (outbound).

...

6. Create CodeBuild project

  1. Go to the CodeBuild console.

  2. Click Create build project.

  3. Set a Project name and Description in the Project Configuration section.

  4. Set the source provider to S3.

  5. Choose the bucket content-sync-configuration-$subdomain created in previous steps.

  6. In S3 object key or folder, type “serverless/”.

     Note: This folder on S3 is used for the stack.

  7. In the Environment section, select Ubuntu as the operating system.

  8. Set Runtime(s) to Standard, Image to aws/codebuild/standard:2.0, Image version to "Always use the latest image for this runtime version", and Environment type to Linux.

  9. Leave the privileges section unchecked.

  10. Select New service role and set the role name to contentsync_role.

  11. Click on Additional Configuration.

  12. Set VPC to the VPC created in the previous steps.

  13. Set the Subnets to Private Subnet #1 and Private Subnet #2.

  14. Set the Security Group to the Lambda Security Group created at Step #3.

  15. Under BuildSpec, select Insert build commands and insert the buildspec file shared at S3Content/serverless/buildspec.yml.

     Note: Update --region if it's other than us-east-1.

  16. The buildspec file contains some pre-configured commands that don’t need changes:

     • The runtime version.
     • Installing serverless.
     • Deploying the stack to the desired AWS region.

  17. No change to artifacts.

  18. Enable the CloudWatch logs option.

  19. Leave the group name and stream name blank.

  20. Click Create build project.

...

8. Edit IAM Role for CodeBuild

  1. On the IAM console, go to Roles.

  2. Click contentsync_role.

  3. Under Permissions of the role, attach the AdministratorAccess policy.

Note: This policy is managed by AWS and permission is given to the CodeBuild service alone. It is required to create and update multiple services such as CloudFormation stack, Lambda function, DynamoDB table, etc.

9. Deploy Stack

  1. Go to the CodeBuild service console.

  2. Click the created Content Sync project under Build Projects.

  3. Click Start Build.

The data under the Start Build section is predefined and should not be overwritten.

...