
Commit 755b697

include accounts in prerequisites
1 parent ee49a4a commit 755b697


1 file changed

+11
-11
lines changed


README.md

Lines changed: 11 additions & 11 deletions
@@ -12,13 +12,13 @@ This terraform module is used to integrate AWS into a meshStack instance as a me
1212

1313
- [Terraform installed](https://learn.hashicorp.com/tutorials/terraform/install-cli)
1414
- [AWS CLI installed](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)
15+
- Three accounts to segregate accounts by function.
16+
- management account: organization management account, the account that hosts the AWS Organization
17+
- meshcloud account: meshStack will use this account to host the IAM users used by meshStack
18+
- automation account: meshStack will use this account to manage CloudFormation that are used in [Landing Zones](https://docs.meshcloud.io/docs/meshcloud.landing-zones.html).
19+
- AdministratorAccess in those accounts.
1520

16-
This module assumes you are following landing zone best practices and segregate accounts by function.
17-
To call this module, you will need three `aws` providers set up against different accounts
18-
19-
- management account: organization management account, the account that hosts the AWS Organization
20-
- meshcloud account: meshStack will use this account to host the IAM users used by meshStack
21-
- automation account: meshStack will use this account to manage CloudFormation that are used in [Landing Zones](https://docs.meshcloud.io/docs/meshcloud.landing-zones.html).
21+
## Overview of the integration
2222

2323
Here is how the users and roles for the meshplatform fit together:
2424

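Review bot: The new prerequisite on line 19, "AdministratorAccess in those accounts.", asks for full administrator rights in all three accounts, including the organization management account, without saying which identity needs them or whether they are only needed while the setup runs. Suggest naming the identity (for example, the one that runs Terraform) and stating if the access can be removed after the module has been applied. The removed line 17, "To call this module, you will need three `aws` providers set up against different accounts", also told readers that the module takes one provider per account; the new list describes the accounts but no longer says that, so consider keeping that sentence next to the list.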
@@ -40,12 +40,10 @@ graph LR;
4040
replicatorUser--Trusted Entity with External-id-->meshfedAutomationRole
4141
```
4242

43-
If you're planning to execute the setup manually, one simple way to set up the required providers is by setting up three
44-
different profiles on your AWS CLI and include those IAM users' access and secret keys in your `~/.aws/credentials` file
45-
as described below.
43+
## How to authenticate against the three accounts
4644

47-
You can also of course set up the `aws` providers any other way you like (e.g. using `assume_role`), as long as you
48-
pass them when calling the meshPlatform module:
45+
One way to set up authentication is using three different profiles on your AWS CLI and include those IAM users' access and secret keys in your `~/.aws/credentials` file
46+
as described below.
4947

5048
```hcl
5149
provider aws {
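Review bot: On new lines 45-46 the only authentication method described is IAM user access and secret keys stored in `~/.aws/credentials`, and the removed lines 47-48 took the `assume_role` alternative with them. Given that the prerequisites ask for AdministratorAccess, suggest keeping a mention of `assume_role` or other short-lived credentials here rather than leaving static keys as the one worked example. The removed text also said the providers must be passed "when calling the meshPlatform module"; without it, "as described below" leads into the `provider aws` block with no statement of what the block is for. "those IAM users'" no longer has an antecedent, and the sentence is still split across two source lines.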
@@ -76,6 +74,8 @@ module "meshplatform" {
7674
}
7775
```
7876

77+
See the `aws` [provider documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication-and-configuration) for other support authentication methods.
78+
7979
## Module Structure
8080

8181
For an overview of the module structure, refer to [generated terraform docs](./TERRAFORM_DOCS.md)
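Review bot: Typo on new line 77: "for other support authentication methods" should read "for other supported authentication methods". Since this sentence is now the only pointer to alternatives to static keys, consider moving it up to directly follow the paragraph under "How to authenticate against the three accounts" so readers see it before the `~/.aws/credentials` example rather than after the module block.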
