Skip to content

Bring Your Own Cloud

Run Hydrolix on your own cloud infrastructure with our Bring Your Own Cloud (BYOC) offering. This can provide cost savings over the standard Hydrolix Cloud offering. See the Hydrolix pricing page for more information.

Allow Hydrolix to manage a cluster in your AWS account:

  • Create a role for Hydrolix
  • Configure cross-account access for that role

Prerequisites⚓︎

  • Shell access on a Unix-like system (macOS or Linux)
  • The envsubst command-line utility, typically included by default in most Linux distributions and macOS
  • Account, region, and other information listed in the following table
Item Description Example
customer_account_number Your AWS Account Number 123456789012
target_aws_region The AWS region you would like to deploy Hydrolix us-east-1
IAM Policy Name The name of the security policy hydrolix-policy
IAM Cross-Account Role Name The name of the cross-account role hydrolix-role

Generate policy JSON⚓︎

  1. Download the customer-policy.json.template file.

  2. Set environment variables by running the following command in your shell. Replace the quoted values with these two values from Prerequisites.

    1
2
3
4
     ```bash
 export Account="<customer_account_number>"
 export Region="<target_aws_region>"
 ```

  3. Run this command to generate the policy JSON file.

    1
    envsubst < customer-policy.json.template > output/example_policy.json

Configure a new IAM Policy⚓︎

  1. Go to the IAM/Policies page of the AWS Console.
  2. Create a new IAM policy and specify the permissions from the JSON file generated previously.
  3. Enter the IAM Policy Name from Prerequisites.
  4. Select Create.

Create a cross-account role⚓︎

  1. Download the IAM cross-account role policy file.
  2. Go to the IAM/Roles page of the AWS Console.
  3. Create the role and add:
    • Trusted entity type: AWS account
    • An AWS account: select Another AWS account and enter the Hydrolix source account ID: 637423425278
  4. Add the IAM cross-account role policy file you downloaded.
  5. Provide the IAM Cross-Account Role Name from Prerequisites.
  6. Select Create.

Send Hydrolix the Amazon Resource Name (ARN)⚓︎

  1. Find the new role in the list of all roles in Console/IAM/Roles and open it.
  2. In the Summary section, copy the ARN. For example, arn:aws:iam::123456789012:role/hydrolix-role.
  3. Send an email with the ARN and region where the cluster needs to be deployed to Hydrolix Support.

For information or assistance, contact Hydrolix support.