Skip to content

Deploying Glean in AWS

Overview

Glean provides our customers the ability to deploy Glean software inside their own Amazon Web Services (AWS) account. This deployment requires your AWS admin to:

  1. Create a new empty AWS account.
  2. Associate a valid billing account.
  3. Notify Glean of any tags that need to be added to any resources that are created.
  4. Execute the provided Glean CloudFormation template to prep the AWS environment.
  5. Notify Glean of the AWS account ID, AWS account name, and AWS region selected.

After completing the above, Glean's systems will automatically build and deploy the required compute, workflows, and software into your AWS account.

At this stage, Glean will advise you that your tenant is ready; allowing your admins to proceed with the setup process in our Getting Started guide.

This document will cover the steps required by your AWS admins to prepare an AWS account that is ready for your Glean build.

1. Select an AWS Region

You must first select a supported AWS region for Glean to build your environment in.

Danger

The region selected cannot be changed once your tenant has been built. Changing region will require a complete rebuild of your tenant.

More information: Supported AWS Regions

2. Create a new AWS account

Create a new AWS account in the region selected above.

You must notify Glean of the following information:

  1. AWS Account ID (e.g. #182333000101)
  2. AWS Account Name (e.g. aws-glean-companyname)
  3. AWS Region (e.g. us-east-1)

Warning

To ensure a smooth installation of Glean, you must use a dedicated AWS account. This account should be new and not contain any pre-existing resources. The provided CloudFormation template is designed to set up the necessary IAM resources that Glean uses for construction, monitoring, and maintenance of your tenant.

Using a separate AWS account helps to prevent any potential conflicts with existing resources and maintains a clear boundary for security purposes. This approach aligns with best practices for cloud resource management and helps safeguard your company's existing infrastructure.

3. Company Tag Policy

You must notify Glean if your company policy enforces the use of specific tags on AWS resources. Glean can add these tags to nearly all resources that we create, but we must be notified in advance before commencing the build of your Glean tenant so that the tags can be seeded in the initial deployment.

You should provide your Glean engineer a list of any and all tags that are required in the following format: 

tag1:value1--tag2:value2--tag3:value3--...

4. Deploy the Glean CloudFormation Template

  1. Log in to your new AWS account as an Administrator.

  2. Navigate to the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation/

  3. Click Create stack.

  1. On the Specify template page, select Amazon S3 URL and paste the following URL for Glean's CloudFormation template. Click Next to proceed. 

    https://glean-public-marketplace-resources.s3.amazonaws.com/glean-cloudformation-template.yaml

  2. Specify a name for the stack, e.g. glean-bootstrap. Click Next to proceed.

  3. Skip all the fields on the options page and click Next again at the bottom.

  4. On the final review page, scroll to the bottom, agree to the capabilities acknowledgment, and click Submit to deploy the template.

More information: Selecting a Stack Template (docs.aws.amazon.com)

Success

Once the CloudFormation template has deployed, notify your Glean engineer so that they can initiate the build of your tenant.