Rooba
/
lightning
mirror of https://github.com/Lightning-AI/lightning.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
lightning/docs/source-app/workflows/byoc/aws_console.rst

103 lines
2.6 KiB
ReStructuredText
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

:orphan:
.. _aws_console:
###########################################
Create AWS role with AWS management console
###########################################
See the following video for instructions:
.. raw:: html
<video width="100%" max-width="800px" controls autoplay muted playsinline
src="https://lightningaidev.wpengine.com/wp-content/uploads/2022/12/byoc.mp4"></video>
|
1.1- Create a role
------------------
The created role will give Lightning AI access (by specifying Ligthning account id), and will
1. Sign in to your AWS account. (If you dont have an AWS account, create one).
2. On AWS console search for IAM > Roles > Create role.
In your new role set the following:
* Trusted entity type -> AWS account.
* An AWS account -> Another AWS account -> Account id: 748115360335. (This is Lightning's account id).
3. Protect your role by creating a hard to guess password that will be used to authenticate Lightning (You will need to pass it to Lightning for authnetication).
* Set Require external ID: <put-your-hard-to-guess-token>
4. Click "Next"
1.2- Create a policy
--------------------
1. Click "Create policy" -> A new tab opens to the Create policy page.
2. Click the JSON tab and copy-paste the `contents of this JSON file <https://gist.github.com/rlizzo/4f36f64cf66fbe662ea6802f842b0433>` into the JSON workspace.
.. note: Ignore the warnings generated by AWS.
3. Click "Next:Tags" (you can skip this step)
4. Complete policy creation by adding a meaningful name and description to the policy.
For example:
Name -> "lightning-cloud"
Description -> "permission to manage EC2 instances"
5. Add policy to the role: Return to the browser tab that you were using to create a role.
Refresh the policy list and select the custom policy you just created (in this case “lai-byoc-policy”). The policy should appear at the top of the Policy List.
6. Click "Next".
7. Provide a meaningful name and description for the role, and click “Create Role”.
For example:
Name -> "lightning-cloud"
Description -> "Role for Lightning cloud permissions"
Congrats! You now successfully added the set up permissions needed for lightning to create a cluster.
------
**********************
Next: Create a cluster
**********************
You are now ready to create a Lightning cluster!
.. raw:: html
<div class="display-card-container">
<div class="row">
.. Add callout items below this line
.. displayitem::
:header: Create cluster
:description: Create an AWS cluster for running ligthning apps, skip to step 2
:button_link: create_cluster.html
:col_css: col-md-12
:height: 170
.. raw:: html
</div>
</div>
Reference in New Issue View Git Blame Copy Permalink