AWS CloudFormation YAML template

EnsureDR Prerequisites

 

In this document, you will learn how to use the AWS CloudFormation YAML template to deploy a user, a group, and attach all necessary policies to the group in order to start using EnsureDR for AWS DRS.

YAML template file

 

Copy the following code and save it to a file on your computer or download the file from the following LINK. Later you will need to upload this file to the AWS CloudFormation console.

Here is the AWS CloudFormation YAML Template content that we created for you.

Parameters:
  Account:
    Type: String
    Default: EnsureDRuser
    Description: 'Enter a name for your EnsureDR account or leave the default name.'
  Group:
    Type: String
    Default: EnsureDRgroup
    Description: 'Enter a name for the group or leave the default name.'

Resources:
  EnsureDRUser:
    Type: 'AWS::IAM::User'
    Properties:
      UserName: !Sub '${Account}'
      Groups:
        - !Ref EnsureDRGroup

  EnsureDRGroup:
    Type: 'AWS::IAM::Group'
    Properties:
      GroupName: !Sub '${Group}'
      Path: '/'
      ManagedPolicyArns: # list of ARNs of IAM managed policies that you want to attach to the group
        - arn:aws:iam::aws:policy/AmazonEC2FullAccess
        - arn:aws:iam::aws:policy/AmazonS3FullAccess
        - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy
        - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy
        - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy
        - arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess
        - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy
        - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy

 

AWS CloudFormation console

 

Please navigate to the AWS CloudFormation Console start page and click on the Create stack button.

Graphical user interface, text, website

Description automatically generated

In step 1, Specify template, click on Upload a template file, and then click the Choose file button. Now select the YAML file you saved in the previous step.

Graphical user interface, text, application, email

Description automatically generated

Now that you have selected and uploaded a template, click the Next button.

Graphical user interface, text, application

Description automatically generated

In Step 2, Specify stack details by entering the following details:

  • Enter the Stack name
  • Enter a name for your EnsureDR account or leave the default name
  • Enter a name for the group or leave the default name

Click on the Next button.

Graphical user interface, text, application

Description automatically generated

In Step 3, Configure stack options, scroll to the bottom of the page.

Click the Next button.

Graphical user interface, text, application, email

Description automatically generated

In Step 4, Review, then scroll to the bottom of the page.

Graphical user interface, application, Teams

Description automatically generated

Select the following checkbox:

  • I acknowledge that AWS CloudFormation might create IAM resources with custom names.

Now click the Create stack button.

Graphical user interface, text, application

Description automatically generated

To follow the creation process, you can click the refresh button (marked with a red square in the picture) to get an update from the AWS CloudFormation console.

Graphical user interface, text, application, email

Description automatically generated

When the whole process has completed successfully, you will see it in the AWS CloudFormation console output as shown in our example.

A screenshot of a computer

Description automatically generated

Now that the template has been implemented, go to AWS IAM to create an access key for the created user. You will need this access key when you create the job within the EnsureDR web console.

Once IAM opens, click Users in the left pane, then select the user you created from the list in the right pane.

Graphical user interface, application, website

Description automatically generated

The user details page will open, go to the Security credentials tab and click the Create access key button at the bottom.

Graphical user interface, text, application, email

Description automatically generated

A new window will pop up, click on Download .csv file button to save the file, then click the Close button.

Graphical user interface, text, application, email

Description automatically generated

You have now completed all the prerequisites that you need to create before you can start using EnsureDR. Save the downloaded file in a safe place or copy the data from the file into a password manager.