astroctl_cloud_aws_selfHosted_setup
astroctl cloud aws selfHosted setup
Deploy prerequisites and auto-store credentials in vault
Synopsis
Deploy a CloudFormation stack that creates the required AWS resources for running a self-hosted Kubernetes cluster, then automatically store the generated credentials in the platform's encrypted vault.
After setup completes, your cluster YAML uses vault credentials: provisioner: type: selfHosted selfHosted: accountId: "<your-account-id>" bucketName: "<auto-generated>" credentials: type: vault
Resources created:
- IAM User and Group with 7 managed policies (S3, EC2, EventBridge, Route53, SQS, VPC, IAM)
- S3 bucket for Kubernetes state store (versioned)
- SQS queue for event processing
When deployed via AWS CLI (option 1), credentials are automatically extracted from CloudFormation outputs and stored in the vault — no manual copy needed.
For console/template options, you'll need to run 'connect' manually after deployment.
astroctl cloud aws selfHosted setup [flags]
Examples
# Deploy via AWS CLI with a profile (easiest)
astroctl cloud aws selfHosted setup --account-id 123456789012 --region us-west-2 \
--cluster-name prod --profile admin
# Interactive setup via AWS Console
astroctl cloud aws selfHosted setup --account-id 123456789012 --region us-west-2 --cluster-name prod
# Save template for IaC pipeline
astroctl cloud aws selfHosted setup --account-id 123456789012 --region us-west-2 \
--cluster-name prod --output-template ./selfhosted-cf.yaml
Options
--account-id string AWS account ID (12 digits) (required)
--cluster-name string Cluster name (used for resource naming) (required)
-h, --help help for setup
--output-template string Save CloudFormation template to file and exit
--profile string AWS profile for deploying via AWS CLI (skips browser)
--region string AWS region (e.g., us-west-2) (required)
Options inherited from parent commands
-o, --output string Output format (json|yaml) (default "yaml")
SEE ALSO
- astroctl cloud aws selfHosted - Self-hosted cluster prerequisite management