StackZone Feature: STNO

Serverless Transit Network Orchestrator

Ryan Ware

Last updated a month ago

This article covers how to use StackZone to implement the Serverless Transit Network Orchestrator (STNO), a tool that automates the process of implementing and managing transit networks in your multi-account AWS Organization.


This feature has been set up to work cross-account and cross-region, with the "hub" based in the Core Networking Account in your StackZone OU.


This solution from AWS creates a web user interface to help you control, audit and visualize your networking resources. To understand how to use this feature in greater detail, please visit the official Amazon Documentation for this feature.


How To Enable StackZone STNO

To enable the StackZone STNO solution, a few features need to be enabled first so that it builds properly. If you don't have any of them enabled currently, we can enable all of them at the same time in one deployment.


Firstly, we need to head to the Core Accounts > Networking page in the Provisioning Module and ensure that the Global Network is enabled. This can be done by toggling the Global Network card on that page.

Next, we need to head to the Serverless Transit Gateway card which is also in the Networking page in Core Accounts.

Below is an example configuration for STNO in the StackZone Console.

For additional information about these fields:


- Approval Notifications: If "on", you will need to manually approve all requests in the WebUI. If this is left "off" (default), no changes will need approval and they will be applied automatically.


- Approval Notification Email Addresses: The Email Address to receive these notifications


- Cognito Domain: The backend for the WebUI solution uses Amazon Cognito, so this Cognito domain is required in order to use the login email address below. It is recommended to use your email domain as the name here, matching the email address below.


- Console Login Email: The email address to which the solution will send login information once the stacks have been successfully deployed.


- Transit Network Spoke: This will need to be enabled if you want the "spoke" stacks deployed to all StackZone managed AWS Accounts and in all StackZone enabled regions. 


- Event Bridge Name: The name of the Event Bridge that is constructed. You can leave this as the default name of "STNO-EventBridge" or change it if desired.


How to Access the WebUI

After the hub stack is successfully deployed, you receive two emails containing a link to the web UI and sign-in credentials. By default, the solution creates one Amazon Cognito adminuser (in the admin group) and one Amazon Cognito readonlyuser (in the read-only group).


Enter the provided user credentials to sign in. You must change the system-generated password the first time that you sign in.


Note: The temporary account expires if you don’t sign in within seven days. Your new password must be at least ten characters long.

You can use the web UI to access the dashboard to view network changes, access action items to view, approve or reject network requests when manual approval is required, and view the history of all changes made within the solution.


For more information on this WebUI, refer to the official Amazon Documentation for this solution.


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our "how it works" section with easy-to-follow videos, or just create your own StackZone Account here.
