c6ee7b6881
* initial Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use same startup template Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix check not working Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix inspector auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure oobe flow can only accessed via correct url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set setup flag when applying bootstrap blueprint when env is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add system visibility to flags to make them non-editable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set setup flag for e2e tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests and linting Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make github lint happy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests have less assumptions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update docs * include more heuristics in migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add management command to set any flag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate worker command to signal Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improved api for setting flags Signed-off-by: Jens Langhammer <jens@goauthentik.io> * short circuit Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
1.8 KiB
title
| title |
|---|
| AWS installation |
You can install authentik to run on AWS with a CloudFormation template.
Prerequisites
- An AWS account.
- An AWS Certificate Manager certificate. Take note of the ARN of the certificate.
Installation
Log in to your AWS account and create a CloudFormation stack with our template.
Under the Certificate ARN input, enter the previously created certificate ARN. You can also configure other settings if needed. You can follow the prompts to create the stack.
This stack will create the following resources:
- AWS SSM secrets for the PostgreSQL user and the authentik secret key
- A VPC for all other resources
- A RDS PostgreSQL Multi-AZ cluster
- An ECS cluster with two tasks:
- One for the authentik server
- One for the authentik worker
- An ALB (Application Load Balancer) pointing to the authentik server ECS task with the configured certificate
- An EFS filesystem mounted on both ECS tasks for file storage
The stack will output the endpoint of the ALB to which you can point your DNS records.
Access authentik from AWS CloudFormation
To start the initial setup, navigate to http://<domain_you_configured>.
You are then prompted to set a password for the akadmin user (the default user).
:::info Issues with initial setup If you run into issues, refer to our troubleshooting docs. :::
Further customization
If you require further customization, we recommend you install authentik via Docker Compose or Kubernetes.