EnsureDR Prerequisites

 

In this document, you will learn how to use the AWS CloudFormation YAML template to deploy a user, a group, and attach all necessary policies to the group in order to start using EnsureDR for AWS DRS.

YAML template file

 

Copy the following code and save it to a file on your computer or download the file from the following LINK. Later you will need to upload this file to the AWS CloudFormation console.

Here is the AWS CloudFormation YAML Template content that we created for you.

Parameters:   Account:     Type: String     Default: EnsureDRuser     Description: 'Enter a name for your EnsureDR account or leave the default name.'   Group:     Type: String     Default: EnsureDRgroup     Description: 'Enter a name for the group or leave the default name.' Resources:   EnsureDRUser:     Type: 'AWS::IAM::User'     Properties:       UserName: !Sub '${Account}'       Groups:         - !Ref EnsureDRGroup   EnsureDRGroup:     Type: 'AWS::IAM::Group'     Properties:       GroupName: !Sub '${Group}'       Path: '/'       ManagedPolicyArns: # list of ARNs of IAM managed policies that you want to attach to the group         - arn:aws:iam::aws:policy/AmazonEC2FullAccess         - arn:aws:iam::aws:policy/AmazonS3FullAccess         - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy         - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy         - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy         - arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess         - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy         - arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy

 

AWS CloudFormation console

 

Please navigate to the AWS CloudFormation Console start page and click on the Create stack button.

In step 1, Specify template, click on Upload a template file, and then click the Choose file button. Now select the YAML file you saved in the previous step.

Now that you have selected and uploaded a template, click the Next button.

In Step 2, Specify stack details by entering the following details:

• Enter the Stack name
• Enter a name for your EnsureDR account or leave the default name
• Enter a name for the group or leave the default name

Click on the Next button.

In Step 3, Configure stack options, scroll to the bottom of the page.

Click the Next button.

In Step 4, Review, then scroll to the bottom of the page.

Select the following checkbox:

• I acknowledge that AWS CloudFormation might create IAM resources with custom names.

Now click the Create stack button.

To follow the creation process, you can click the refresh button (marked with a red square in the picture) to get an update from the AWS CloudFormation console.

When the whole process has completed successfully, you will see it in the AWS CloudFormation console output as shown in our example.

Now that the template has been implemented, go to AWS IAM to create an access key for the created user. You will need this access key when you create the job within the EnsureDR web console.

Once IAM opens, click Users in the left pane, then select the user you created from the list in the right pane.

The user details page will open, go to the Security credentials tab and click the Create access key button at the bottom.

A new window will pop up, click on Download .csv file button to save the file, then click the Close button.

You have now completed all the prerequisites that you need to create before you can start using EnsureDR. Save the downloaded file in a safe place or copy the data from the file into a password manager.