Prerequisites

Ensure that the following points are completed before deploying the application.

• The development package provided by Protegrity is obtained from the portal and extracted.

• The following tools are required to install the product:

  • AWS CLI: This must be configured with valid credentials. For more information, refer to Configuration and credentials precedence. The AWS account used must have the necessary permissions to create and manage EKS clusters and associated resources.

  • kubectl: This is used to manage the Kubernetes cluster.

  • Helm: This is used to deploy applications on the EKS cluster.

  • The NGINX and metric server: These components are downloaded from an external repository during the deployment process and require access to Internet. Ensure that these are available for deployment.

• The following AWS requirements are completed:

  • Virtual Private Cloud (VPC) for the EKS cluster. For more information about VPCs, refer to Amazon VPC.
  • Role creation permissions to create IAM roles. If your account does not have these permissions, create the necessary roles as defined in the eks-auto-mode.yaml file in the /eks/cloudformation directory.
  • AWS must have permissions to access the Docker registry where your Docker images are stored.

• Valid server certificate files are uploaded to the /eks/helm_chart/classification_app/certs directory. These files are required for secure communication and are automatically pushed to the cluster during deployment. The following files must be uploaded:

  • Server certificate with .crt extension.
  • Private key with the .key.

  For more information about generating certificates, refer to create certificates.
  The certificates in EKS are stored as secrets. It is recommended to secure the EKS secrets using KMS encryption. For more information about encrypting keys, refer to encrypt Kubernetes secrets with KMS.