Customer Steps to Onboard on Metworx
- When a new customer organization is created in Metworx and the first Organization Admin user is added, the user will receive an e-mail including login instructions to the e-mail address configured. Further steps assume that you have OrgAdmin credentials to your Metworx Organization AND Admin-level Credentials to your AWS account.
- Once you are configured as OrgAdmin in Metworx, you will receive initial credentials via the e-mail address on record. Please login, reset your password, as required, and complete the steps below.
- When you first log in, your Metworx dashboard will resemble the following:
Steps to Complete
|1. Select network topology and configure a vpc and a subnet for metworx workflows
||Metworx workflows can be setup to run in either Public or Private Subnets, depending on customer requirements. If metworx workflows are going to be setup in a private subnet, it is the customer's responsibility to establish a way for end users to connect to those workflows, typically though a VPN tunnel.
||Discuss Networking / AWS Account Requirements with MetrumRG Cloud/Application Admins
|2. Provision organization-level ssh key
||Each Metworx user can have their own ssh key in AWS to connect to their workflow. However, if a user or users DO NOT have a key configured, an organization-level key will be used instead. Only cloud- or metworx- administrators should have access to the organization-level ssh key.
||Step by Step Configuring SSH Keypair in Metworx Procedure and Video
|3. Provision IAM Objects
||In the customer's AWS account, there has to be an IAM service user, that Metworx applications use to connect to the customer-owned AWS account, and an IAM service role, that all of the ec2 instances assume when they run.
||Step by Step Provisioning IAM Objects in a Customer Account
|4. Configure Metworx Credentials and Network
||AWS IAM Service user api access and secret keys must be configured in Metworx Organizations by the customer Organization Administrator. MetrumRG does not have permissions to configure or view these keys.
||Procedure and Video configure API keys and VPC network/subnet
|5. (Optional) Configure SSO
||If SAML SP is used, configure SSO
|| Notes on configuring SSO
|6. Test the Configuration
||Create and login to Metworx workflow to test the configuration
|| Testing the Metworx Organization Configuration and TroubleShooting issues
Please review additional recommendations related to AWS account management.