From c765263f0c278cf583e49673b47606461c9baa08 Mon Sep 17 00:00:00 2001 From: Dharmendra Rai <106221238+dharmrai-vmw@users.noreply.github.com> Date: Sat, 16 Jul 2022 16:54:02 +0530 Subject: [PATCH] Update AWSFederalAirgap-DeploymentGuide.md Signed-off-by: dharmrai-vmw --- .../AWSFederalAirgap-DeploymentGuide.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/product/release/AWS - Federal Airgap/AWSFederalAirgap-DeploymentGuide.md b/docs/product/release/AWS - Federal Airgap/AWSFederalAirgap-DeploymentGuide.md index a54758fa..3299cf80 100644 --- a/docs/product/release/AWS - Federal Airgap/AWSFederalAirgap-DeploymentGuide.md +++ b/docs/product/release/AWS - Federal Airgap/AWSFederalAirgap-DeploymentGuide.md @@ -255,9 +255,9 @@ Before deploying Tanzu Kubernetes Grid on AWS using Service Installer for VMware |--------|--------|--------| |all|End-to-End deployment using Ubuntu based STIG compliant OS|NA| |verify-all-inputs|Check all the inputs mentioned in [Deployment Steps](#deployment-steps) are set. Script mainly checks for mandatory variables|NA| - |vpc-endpoints-prechecks|Check if all the required endpoints mentioned in the [prerequisites](#prerequisites) section are attached to air-gapped VPC|Make sure all the mentioned endpoints are attached to VPC| - |cf|Make Cloud Formation if it doesn't exist along with roles, policies or profiles. Refer [AWS IAM components created by cf](#aws-iam-components-created-by-cf) section for more details|NA| - |install-harbor|If you are using a pre-created registry then refer to [Using an Existing Registry](#using-an-existing-registry) for details. Else, this step deploys Harbor on a new EC2 instance through Terraform. After the successful installation of Harbor, CA certificate is copied to the S3 bucket which is be used in the further steps.|Make sure IAM profile names `tkg-s3-viewer` and roles and policies are created according to the information in the [AWS IAM components created by cf](#aws-iam-components-created-by-cf) section| + |vpc-endpoints-prechecks|Check if all the required endpoints mentioned in the [Prerequisites](#prerequisites) section are attached to air-gapped VPC|Make sure all the mentioned endpoints are attached to VPC| + |cf|Make Cloud Formation if it doesn't exist along with roles, policies or profiles. Refer [AWS IAM Components Created by cf](#aws-iam-components-created-by-cf) section for more details|NA| + |install-harbor|If you are using a pre-created registry then refer to [Using an Existing Registry](#using-an-existing-registry) for details. Else, this step deploys Harbor on a new EC2 instance through Terraform. After the successful installation of Harbor, CA certificate is copied to the S3 bucket which is be used in the further steps.|Make sure IAM profile names `tkg-s3-viewer` and roles and policies are created according to the information in the [AWS IAM Components Created by cf](#aws-iam-components-created-by-cf) section| |check-for-ca-download|Checks and downloads the CA certificate generated by the `install-harbor` step. If the CA certificate is not available in S3, this step waits for a maximum of 1 hour. The CA certificate gets copied to S3 after successful installation of Harbor.|If you are using pre-created registry then refer to [Using an Existing Registry](#using-an-existing-registry) for details. Else, run `make install-harbor` command before running this command.| |setup-docker|Sets up local Docker with the downloaded Harbor CA certificate| Make sure these steps are done:
1. Harbor is up and running.
2. `check-for-ca-download` is performed.| |tkg-bootstrap-ami-offline|Builds Ubuntu based bootstrap AMI| Make sure these steps are done:
1. Make sure Harbor is up and running.
2. `check-for-ca-download` and `setup-docker` are performed.| @@ -391,6 +391,7 @@ curl -XPUT -H 'Content-Type: application/json' -u admin:$HARBOR_ADMIN_PWD "https ## Variables The `terraform/startup.sh` file contains the following configurable options that you can set within the file. + |Name|Default|Description |---|---|---| |AMI_ID|tkg_ami_id variable from Terraform|The AMI ID to deploy |