Step 1: Install Root Stack

The following is a step by step guide to installing the InfinStor service in your own AWS account.

InfinStor root stack

  • In your AWS Console, go to CloudFormation and choose create stack
  • Use Amazon S3 URL for template source. The URL is:
https://s3.amazonaws.com/infinstorcft/2.2.28/infinstor.yaml

Here is a detailed explanation of the parameters:

Options

General Options

  • InfinStor Domain: Specify the domain where the Infinstor service will be installed. e.g. yourcompany.com or infinstor.yourcompany.com or others. For example, if Infinstor Domain is set to infinstor.yourcompany.com, then Infinstor CloudFormation Template (CFT) will create the following DNS entries automatically or will expect them to be created manually. Ensure that these subdomains are available before starting installation.
    • api.infinstor.yourcompany.com
    • mlflow.infinstor.yourcompany.com
    • mlflowui.infinstor.yourcompany.com
    • mlflowstatic.infinstor.yourcompany.com
    • service.infinstor.yourcompany.com
  • IsExternalAuth: Specify whether this instance will federate authentication to an external authentication system such as Azure Active Directory or Google Oauth. Note that InfinStor uses cognito as the core authentication service.
    • if set to False, Cognito will be used to securely store user information like user id, user name, user password and others.
    • If set to True, Cognito will be configured to federate authentication to an exernal idenity provider, using protocols such as SAML, OpenID Connect and other.

Certificate Creation Options

  • CreateCertificates: true or false. This parameter determines whether InfinStor CFT will automatically create certifictes or not.
    • If you set this to true, Infinstor CFT automatically creates a certificate in your AWS account for each of the subdomains (under Infinstor Domain) specified above.
    • If you set this to false, you must have a wildcard certificate ready and provide it in the next parameter.
  • Enter the ARN of a pre-existing wildcard certificate: In this text box, you must specify the ARN of the certificate to use if the CreateCertificates parameter was set to false. If CreateCertificates is true this can be blank.

DNS Entry Creation Options

  • CreateDnsEntries: true or false.
    • If you want InfinStor CFTs to automatically create the required DNS entries (see above for the entries), set this to True. If set to True, Route53HostedZoneId below must also be set.
    • If you will create the needed DNS entries manually (instead of Infinstor CFT automatically creating the above DNS entries for you), set this to False
  • Route53HostedZoneId: DNS Zone ID in Route 53 for the Infinstor Domain specified above, where InfinStor is to be installed.
    • If CreateDnsEntries is false, this parameter can be blank. But you will have to create the subdomains above manually using your DNS management tool.
    • If CreateDnsEntries above is true, Infinstor CFT will attempt to create the above subdomains under Infinstor Domain.

Permissions Boundary Options

  • UseBoundaryPolicy: true or false. If your corporate policy requires you to set a boundary policy, set this to true and enter the boundary policy ARN in the BoundaryPolicyARN item below
  • BoundaryPolicyARN: If the above configuration item UseBoundaryPolicy is set to true, then this config item is required and must have the ARN of the boundary policy to use

Be sure to tick the 'IAM Resources with Custom Names' and 'CAPABILITY_AUTO_EXPAND' checkboxes while clicking through the Stack Options page.