=== Specialized knowledge This deployment guide requires a moderate level of familiarity with AWS services. If you’re new to AWS, see the https://aws.amazon.com/getting-started/[Getting Started Resource Center^] and https://aws.amazon.com/training/[AWS Training and Certification^]. These sites provide materials for learning how to design, deploy, and operate your infrastructure and applications on the AWS Cloud. ifndef::production_build[] _**This portion of the deployment guide is located at `docs/{specificdir}/specialized_knowledge.adoc`**_ [.preview_mode] |=== a| endif::production_build[] include::../{specificdir}/specialized_knowledge.adoc[] ifndef::production_build[] |=== endif::production_build[] ifndef::disable_regions[] ==== Supported AWS Regions ifndef::custom_supported_regions[] include::../{includedir}/regions_default.adoc[] endif::custom_supported_regions[] ifdef::custom_supported_regions[] // If the "Supported AWS Regions" section requires custom content (in partner-editable/regions.adoc) instead of the boilerplate content (in regions_default.adoc), uncomment the custom_supported_regions variable in _settings.adoc. ifdef::auto_populate_regions[] The following Regions are currently supported by this Quick Start. include::../{generateddir}/regions/index.adoc[] endif::auto_populate_regions[] ifndef::auto_populate_regions[] ifndef::production_build[] _**This portion of the deployment guide is located at `docs/{specificdir}/regions.adoc`**_ ++++
++++ endif::production_build[] include::../{specificdir}/regions.adoc[] ifndef::production_build[] ++++
++++ endif::production_build[] endif::auto_populate_regions[] endif::custom_supported_regions[] endif::disable_regions[] === AWS account If you don’t already have an AWS account, create one at https://aws.amazon.com/[https://aws.amazon.com^] by following the on-screen instructions. Part of the sign-up process involves receiving a phone call and entering a PIN using your phone's keypad. Your AWS account is automatically signed up for all AWS services. You are charged only for the services you use. === Amazon EKS cluster If you deploy your cluster into an existing Amazon EKS cluster that was not created by the https://aws-quickstart.github.io/quickstart-amazon-eks/[Amazon EKS on the AWS Cloud^] Quick Start, you must configure your cluster to allow this Quick Start to manage it. For more information, see the link:#_deployment_steps[Deployment steps] section. === IAM permissions //TODO: scope of least-privilege Before launching the Quick Start, you must log in to the AWS Management Console with https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html[AWS Identity and Access Management (IAM)^] permissions for the resources and actions that each template deploys. The _AdministratorAccess_ managed policy within IAM provides sufficient permissions, although your organization may choose to use a custom policy with more restrictions. === Deployment options This Quick Start provides three deployment options: * *Deploy {partner-product-short-name} into a new VPC (end-to-end deployment)*. This option builds a new AWS environment consisting of the VPC, subnets, NAT gateways, security groups, bastion hosts, EKS cluster, a node group, and other infrastructure components. It then deploys {partner-product-short-name} into this new EKS cluster. * *Deploy {partner-product-short-name} into a new EKS cluster of an existing VPC*. This option builds a new Amazon EKS cluster, node group, and other infrastructure components into an existing VPC. It then deploys {partner-product-short-name} into this new EKS cluster. * *Deploy {partner-product-short-name} into an existing EKS cluster*. This option provisions {partner-product-short-name} in your existing AWS infrastructure. Note that when deploying into an EKS cluster that was not created by the https://aws-quickstart.github.io/quickstart-amazon-eks/[Amazon EKS on the AWS Cloud^] Quick Start, you must prepare the cluster as described in the link:#_deployment_steps[Deployment steps] section.