Additional Installations
StackOps can be installed in multiple AWS Accounts using the same license key. Each installation can serve a distinct purpose and have unique access permissions, such as:
- Enterprise Installation: Ideal for managing AWS Stacks across all AWS Accounts within an AWS Organization.
- Solution Installation: Designed for managing specific solutions, such as web applications or APIs.
Leverage the OrganizationAccountAccessRole for the Enterprise Installation
When AWS Organization creates an account it creates an admin role named "OrganizationAccountAccessRole". IAM users in the master account can assume this role to access the member account.
To use this role in StackOps:
- ensure that
AuthorizedUserArnsparameter set during installation includes Principals from the master account (eg use the master account number); and - use the
OrganizationAccountAccessRoleARN as theRoleArnparameter in the StackOps deployment files.
Use the Enterprise Installation to Create Additional StackOps Installations
Because StackOps is simply installed by creating a CloudFormation stack in AWS, it is trival to create additional StackOps installations (ie "Solution Installations") from the Enterprise Installation that are locked down.
Clone the stackops-installation repository and follow the instructions in the README to create a Solution Installation.
Labelling an Installation
Each StackOps installation can be labelled to clearly show its purpose.
- Log in
- Navigate to Configuration tab
- Click edit within Application Configuration
- Enter an installation name and choose a display colour
Solution Installations often utilize 'branched' deployments for 'dev', 'test', and 'prod' environments. In contrast, Enterprise Installations typically do not include 'branched' deployments, as parallel environments are not relevant at this level.