We need more information on what Confluence expects for these form fields. There is no reference to this web form in the Atlassian docs.
• What permissions does the IAM role require?
• What gets populated into the Host Header field?
• What values are required for the Tag key and Tag value?
• What needs to be in the security group that is named?
The only three fields that I typically fill on initial setup are the following:
When confluence starts it will make a call to AWS metadata for the access credentials of the IAM role. It will use these credentials to discover the other nodes in EC2. If your configuration fails for whatever reason and the cluster is not successfully created, you will need to wipe the database and start over. Editing these values in confluence.cfg.xml and restarting confluence will not work on initial setup.
This is not mandatory, since it is very specific to the Amazon environment. Pretty much, an IAM role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources. For example, you might want to grant users in your AWS account access to resources they don't usually have, or grant users in one AWS account access to resources in another account.
You can find more information about it on the IAM Roles guide in Amazong webpages. I recommend you to only use IAM Roles in case you have it, else, set a secret key to access the Amazon resources and you should be good.
Hope it helps, have a great week ahead!
The questions is not what are IAM roles, but what permissions/trust relationships we need to grant to the role to allow confluence node discovery. There aren't any robust AWS-Atlassian docs to help fill in the gap. I am guessing it needs ec2 services, but is there anything else?
Working on the IAM role now.
according to hazelcast which they use...
Hostheader for me was ec2.amazonaws.com
I believe it searches the instances for all the instances that share the same key/value.
So if you make the key ClusteringID and the value like Confluence1234 it should cluster those together. I'm not sure security group is required... but... I'm still working on mine.
The security group needs to be shared by all the instances and is required.
I am also trying to use the AWS strategy to auto discover the peer nodes. However, I am unable to create the cluster. I have ensured the hazlecast jar file exist under plugin directory and the IAM role with required permissions (ec2:DescribeInstances).
Error which showed up in UI doesn't makes sense as I am using only IAM role not both.
Network interface which confluence grabbed not associated with any of the host in AWS. Confluence log has the following error
[atlassian.confluence.cluster.DefaultClusterConfigurationHelper] getJoinConfig Could not get cluster config from configuration file: The address 'null' is not a valid network address
Hello Confluence Community! What if i told you that you could have a healthier life and be 100% meet-less? This month, we're promoting a healthy, balanced work diet with Confluence. (Read m...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events