AWS Deployment Overview

There are multiple ways to deploy the Curity Identity Server on AWS. This tutorial provides a summary, along with links to more detailed tutorials and end-to-end code examples.

The Curity Identity Server AWS AMI

Using the Curity Identity Server Amazon Machine Image (AMI) is very straightforward. This is publicly available and can be searched for in the EC2/AMIs section of the AWS Console. Detailed instructions on the process are outlined in the Run Curity Identity Server on AWS (AMI) tutorial.

CloudFormation Template

Follow the Install on AWS using CloudFormation tutorial, for a straightforward approach to deploying the Curity Identity Server on AWS EC2 virtual machines. This involves customizing some values, then uploading a template file using the AWS console, to create a new stack.

Cloud Development Kit (CDK)

A more productive infrastructure as code approach, for generating CloudFormation, is to use the AWS CDK. This enables you to express your desired state as objects in your preferred programming language, then receive compile-time feedback on any properties your have configured incorrectly. An end-to-end example is provided in the Install on AWS using the CDK tutorial, to enable deployment from a development computer.

Kubernetes using the Helm chart

Instructions on installing components to create and manage EKS clusters via eksctl are detailed in the AWS Getting started with eksctl article. First create a cluster via the AWS console or using eksctl, ex:

eksctl create cluster \
 --name curity \
 --version 1.17 \
 --nodes 2

The result will report that the cluster is created. Note that this can take several minutes to complete.

...
[✔]  EKS cluster "curity" in "us-west-2" region is ready

In order to install the Helm chart in an Amazon EKS cluster, kubectl needs to be configured. This is outlined in this Amazon article, Using Helm with Amazon EKS. Make sure to also Create a kubeconfig for Amazon EKS as noted in the documentation.

aws eks --region us-west-2 update-kubeconfig --name curity

Once the cluster is created, kubectl properly configured and Helm installed, the Helm chart for the Curity Identity Server can be run. Check out the details in the Install the Curity Identity Server with Helm article.

For a detailed walkthrough of an EKS deployment of the Curity Identity Server, which can be run from a development computer, see the Deploy to Elastic Kubernetes Service (EKS)> tutorial.

Data Sources

Some example deployments of the Curity Identity Server may use the default in-memory HSQL database. When designing your AWS deployment, you will need to update to a SQL or NoSQL database. AWS specific data stores can be used, including DynamoDB and Amazon Aurora. See the system requirements for further details on data sources.

Summary

There are several different ways to get a scalable and robust deployment of the Curity Identity Server up and running in AWS. This tutorial explained all of the main options, and provided links to more detailed resources and example deployments.