You need an existing or a new Amazon Web Services (AWS) account or an existing or a new AWS GovCloud (US) account. For more information, refer to the AWS documentation:
Kublr also support other AWS partitions, such as AWS CN (China), AWS Top Secret region, etc.
To deploy a cluster in your AWS account with Kublr, you need to create an AWS policy and AWS API Access Key. All cluster resources (e.g. nodes) are created in your AWS account through the AWS API and will be managed by Kublr.
Use your AWS root account credential to sign in to the AWS Management Console or AWS GovCloud (US) Management Console. If you have previously signed into the console with your IAM user credentials, your browser may open the IAM user sign-in page. To avoid this, choose sign in using your root account credentials link to access the AWS account sign-in page.
Access AWS Console → IAM → Policies.
Click Create Policy.
On the Create Policy page, select JSON tab.
In the Policy Document section, enter this policy profile
Click Next, set policy name, then click Create Policy.
The new policy is created.
Access IAM → Users, click Add Users.
Set username and click Next.
At permissions tab, select Attach policies directly.
Select the policy you generated.
Click Next, overview settings, then click Create User.
The new user is created and added to the list.
Grant the created user with programmatic access as described here.
Copy or download the Access Key ID and Secret Access Key.
NOTE For the specific Access Key ID, viewing and copying of Secret Access Key is only available once.
Do one of the following:
Click Create New Access Key.
Consider alternative cases and proceed to the next step.
Copy or download the key.
NOTE This is the only time that the secret access key can be viewed or downloaded.
Click Done. The key is added and activated.