Before deploying the ECS or EKS clusters you must set up and configure multiple AWS services.

The topics below assume that you have already logged into the AWS Management Console and have chosen the region where the system is going to be deployed.

This section contains the following topics:

• Storing the Configuration File
• SSL Certificate
• VPC and Network Setup

Storing the Configuration File

To store the configuration file:

1. Download zero-config.yml.
2. Modify the database name, username, password and server URL.

To create a new secret:

1. Choose Store a new secret in the Secrets Manager console.
2. On the Choose secret type page, choose Other type of secret for Secret type.
3. In Key/value pairs, choose the Plaintext tab.
4. Paste the zero-config.yml content with the pre-filled values and click Next.
5. On the Configure secret page, add a Secret name and click Next.
6. On the Review page, review your secret details, then choose Store.

For more information on how to store a new secret, see Create and manage secrets with AWS Secrets Manager.

SSL Certificate

An SSL certificate is used to attach to ELB (Elastic Load Balancing) to have ZERO Connect API running through HTTPS.

You can use one of the following options to create an SSL certificate on AWS Certificate Manager (ACM):

• Import your own certificate (for details about how to do that, see Importing certificates into AWS Certificate Manager)
• Request a public certificate (for details about how to do that, see Requesting a public certificate)

Once the certificate is created and validated, take note of the ARN.

arn:aws:acm:region:account:certificate/certificate_ID

VPC and Network Setup

Note: This step is required only for ECS type of setup. For EKS, VPC network will be created automatically during the cluster setup.

For VPC network (Virtual Private Cloud) setup, Zero Systems supplies a script to provision all VPC required configurations, including:

• VPC Instance
• Internet Gateway
• NAT Gateway
• Public and Private Subnets

The Zero Systems VPC provision script will be configured based on sizing, region, availability requirements, and Amazon VPC best practices for subnet utilization.