mirror of
https://github.com/goauthentik/authentik
synced 2026-04-27 18:07:15 +02:00
6ed5cb5249
* website/integrations: rename "Create with Provider" to "New Application" The application list page now uses a split-button labeled "New Application" instead of the old "Create with Provider" dropdown. Update all 113 integration guides to match. * website/docs: update flow, stage, and policy button labels - "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons - "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit - "Create and bind stage" → "New Stage" / "Bind Existing Stage" - "Create" (binding submit) → "Create Stage Binding" * website/docs: update provider button labels - "Create" → "New Provider" for trigger buttons - "Create with Provider" → "New Application" in RAC docs - "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt" for related entity creation * website/docs: update directory button labels - "Create" → "New Source" for federation/social login pages - "Create" → "New Role", submit → "Create Role" - "Create" → "New Invitation" - Policy binding submit → "Create Policy Binding" * website/docs: update endpoint device and system management button labels - "Create" → "New Endpoint Connector", "New Enrollment Token", "New Device Access Group", "New Flow" - Submit → "Create Device Access Group" - "Create" → "New Notification Rule", "New Notification Transport" - Binding submit → "Create Policy Binding" * Reorganize policy documentation * website/docs: address policy docs review feedback * post-rebase * website/docs: Reorganize policy documentation -- Revisions (#21601) * apply suggestions * Fix escaped. * Fix whitespace. * Update button label. * Fix phrasing. * Fix phrasing. * Clean up stragglers. * Format. --------- Co-authored-by: Dominic R <dominic@sdko.org>
44 lines
2.0 KiB
Markdown
44 lines
2.0 KiB
Markdown
---
|
|
title: AWS installation
|
|
---
|
|
|
|
You can install authentik to run on AWS with a CloudFormation template.
|
|
|
|
### Prerequisites
|
|
|
|
- An AWS account.
|
|
- An [AWS Certificate Manager](https://aws.amazon.com/certificate-manager/) certificate. Take note of the ARN of the certificate.
|
|
|
|
### Installation
|
|
|
|
Log in to your AWS account and create a CloudFormation stack [with our template](https://console.aws.amazon.com/cloudformation/home#/stacks/create/review?stackName=authentik&templateURL=https://authentik-cloudformation-templates.s3.amazonaws.com/authentik.ecs.latest.yaml).
|
|
|
|
Under the **Certificate ARN** input, enter the previously created certificate ARN. You can also configure other settings if needed. You can follow the prompts to create the stack.
|
|
|
|
This stack will create the following resources:
|
|
|
|
- AWS SSM secrets for the PostgreSQL user and the authentik secret key
|
|
- A VPC for all other resources
|
|
- A RDS PostgreSQL Multi-AZ cluster
|
|
- An ECS cluster with two tasks:
|
|
- One for the authentik server
|
|
- One for the authentik worker
|
|
- An ALB (Application Load Balancer) pointing to the authentik server ECS task with the configured certificate
|
|
- An EFS filesystem mounted on both ECS tasks for file storage
|
|
|
|
The stack will output the endpoint of the ALB to which you can point your DNS records.
|
|
|
|
## Access authentik from AWS CloudFormation
|
|
|
|
To launch authentik, in your browser go to:
|
|
|
|
`http://<domain_you_configured>/if/flow/initial-setup/`
|
|
|
|
:::info Initial setup in browser
|
|
You will get a `Not Found` error if initial setup URL doesn't include the trailing forward slash `/`. Also verify that the authentik server, worker, and PostgreSQL database are running and healthy. Review additional tips in our [troubleshooting docs](../../troubleshooting/login.md#cant-access-initial-setup-flow-during-installation-steps).
|
|
:::
|
|
|
|
### Further customization
|
|
|
|
If you require further customization, we recommend you install authentik via [Docker Compose](./docker-compose.mdx) or [Kubernetes](./kubernetes.md).
|