fleet/articles/deploy-fleet-on-aws-with-terraform.md
Jorge Falcon d3db45d517
Deploying Fleet on AWS with Terraform guide updates (#33385)
**Related issue:** Resolves
https://github.com/fleetdm/fleet-terraform/issues/59

**Updated Deploy Fleet on AWS with Terraform guide**
- Consolidated steps to reflect recent updates to [Fleet-terraform
modules](https://github.com/fleetdm/fleet-terraform) and
[Fleet-terraform
example](https://github.com/fleetdm/fleet-terraform/tree/main/example)
2025-09-30 17:59:22 +09:00


Deploy Fleet on AWS with Terraform

The simplest way to get started with Fleet at scale is to use AWS with Terraform.

This workflow takes about 30 minutes to complete and supports between 10 and 350,000 hosts.

Prerequisites

  • A new or existing Amazon Web Services (AWS) account

  • An AWS Identity and Access Management (IAM) user with administrator privileges

  • An existing VPC

  • The latest version of the AWS Command Line Interface (awscli)

  • The latest version of HashiCorp Terraform

  • A fully qualified domain name (FQDN) for hosting Fleet

Instructions

  1. Download the Fleet main.tf Terraform file.

  2. Edit the following variables in the main.tf Terraform file you just downloaded to match your environment:

# Change these to match your environment.
domain_name = "fleet.example.com"
vpc_name = "fleet-vpc"

Note: Terraform modules for Fleet features can be enabled and disabled by commenting or uncommenting sections of the code as needed. To learn more about the modules, check out our AWS with Terraform advanced guide.

Add a license key: You can include your license key as an environment variable during this step.

  3. Log in to your AWS account using your IAM identity.

  4. Run a command like the following in Terminal:

terraform init

If the file was not downloaded to the downloads folder, ensure that you adjust the file path in the command.

This step will take around 30 minutes.

  5. Run the following command in Terminal:

terraform apply

  6. From the Terminal output, obtain the NS records created for the zone and add them to the parent DNS zone in the AWS Route 53 GUI. Ensure you're adding the subdomain and its NS records to the parent DNS, not changing the NS records for the parent. For example: if the subdomain is fleet.acme.com and the NS record is ns-420.awsdns-52.com, add this record to the parent domain.

  7. That's it! You should now be able to log in to Fleet and enroll a host.
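To confirm the NS delegation described above once the records are in the parent zone, this added example (not part of the Fleet guide or the fleet-terraform project) compares the name servers Terraform printed with what DNS returns for the subdomain. The script name, its two arguments and the sample name servers are assumptions constructed for illustration.

```shell
#!/bin/sh
# check-delegation.sh (hypothetical name): verify that the Fleet subdomain is
# delegated to exactly the name servers printed by `terraform apply`.

# Normalize an NS list (space, comma, tab or newline separated): lowercase,
# strip the trailing dot, one name per line, sorted and de-duplicated.
normalize_ns() {
  printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]' | tr ' ,\t' '\n\n\n' \
    | sed -e 's/\.$//' -e '/^$/d' | sort -u
}

# Succeed only when both lists contain exactly the same name servers.
ns_sets_match() {
  [ "$(normalize_ns "$1")" = "$(normalize_ns "$2")" ]
}

# Print the names that are in the first list but missing from the second.
ns_missing() {
  a=$(normalize_ns "$1")
  b=$(normalize_ns "$2")
  for ns in $a; do
    printf '%s\n' "$b" | grep -qxF "$ns" || printf '%s\n' "$ns"
  done
}

# Live check (needs dig and network access). Constructed usage:
#   sh check-delegation.sh fleet.example.com "ns-1.example.net ns-2.example.org"
# The answer comes from your default resolver, so a recent change may be
# hidden by caching until the record's TTL expires.
if [ "$#" -eq 2 ]; then
  delegated=$(dig +short NS "$1")
  if ns_sets_match "$2" "$delegated"; then
    echo "OK: $1 is delegated to the expected name servers"
  else
    echo "MISMATCH for $1. Expected but not delegated:" >&2
    ns_missing "$2" "$delegated" >&2
    echo "Delegated but not expected:" >&2
    ns_missing "$delegated" "$2" >&2
    exit 1
  fi
fi
```

An empty result or a name server in the "not expected" list means the parent zone does not point at the hosted zone Terraform created, so correct the NS records before enrolling hosts.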

Advanced

Fleet's best practice Terraform already supports storing the server_private_key and other secrets in AWS Secrets Manager. Check out how in the best practice Terraform.