Link Search Menu Expand Document

Setting up AWS and CloudReactor manually

You can use this guide if, for some reason, you don’t want to use the CloudReactor & AWS Setup Wizard (but really, you should, it’s faster and easier).

Still want to go ahead with manual setup?

Broadly speaking, we’ll need to:

Configuration will require some keys and other parameters to be entered. We’ll note anything you need to record in red – open up a text file to hold those variables as we go along.

Set up a cluster in AWS ECS

AWS provides a wizard that creates an ECS cluster in just a few steps. This is appropriate if you want to get started quickly. The wizard can optionally create a new VPC and new public subnets on that VPN – but cannot create private subnets.

Note that you may use other methods like CloudFormation templates or Terraform templates.

We will continue with the AWS wizard. Note that when running the wizard, your user needs to have at least the permissions listed under “Amazon ECS First Run Wizard Permissions” here.

The steps to run the wizard are:

  1. Go to
  2. Click the ECS console walkthrough button (log into AWS if necessary)
  3. Change the region to your default AWS region
  4. Click the Get started button
  5. Choose the nginx container image and click the Next button
  6. On the next page, the defaults are sufficient, so hit Next again
  7. On the next page, name your cluster the desired name of your deployment environment – for example staging. If you have an existing VPC and subnets you want to use to run your tasks, you can select them here. Otherwise, the console will create a new VPC and subnets for you. After entering your desired cluster name, hit Next again.
  8. On the next and final page, review your settings and hit the Create button. You’ll see the status of the created resources on the next page. If you didn’t choose existing subnets, record the subnet IDs

AWS will create:

  • A cluster named as you chose on step 7 above.
  • A VPC named ECS [cluster name] - VPC
  • 2 subnets in the VPC named ECS [cluster name] - Public Subnet 1 and ECS [cluster name] - Public Subnet 2. You can see these in VPC .. Subnets. Note that if you used the wizard to create a new VPC and subnets for you, these subnets will be public; if you want to use private subnets, you’ll have to create your own. If you haven’t already, record the Subnet IDs
  • A security group named ECS staging - ECS Security Group in the VPC. You can find it in VPC .. Security Groups. Record the Security Group ID
  • Once you’ve recorded the Subnet IDs and Security Group IDs, under “ECS resource creation”, you’ll see Cluster [the name of the cluster you created]. Clicking this link will take you to the cluster’s details page; record the Cluster ARN you see here.
  • ECS cluster created!

Set AWS role permissions to allow CloudReactor to stop, start and schedule ECS tasks

To have CloudReactor manage your tasks in your AWS environment, you’ll need to give CloudReactor permissions in AWS to run tasks, schedule tasks, create services, and trigger Workflows by deploying the CloudReactor AWS CloudFormation template, named cloudreactor-aws-role-template.json.

Follow the instructions in the, in the section “Allowing CloudReactor to manage your tasks”.

Be sure to record the ExternalID, CloudreactorRoleARN, TaskExecutionRoleARN, WorkflowStarterARN, and WorkflowStarterAccessKey values.

  • AWS role permissions created for CloudReactor!

Configure CloudReactor with AWS ECS and AWS role settings

Sign up for a CloudReactor account at, and login.

We’ll create a Run Environment in CloudReactor. A Run Environment contains settings that tell CloudReactor how to run tasks in AWS.

  1. Click on “Run Environments”, then “Add Environment”
  2. Name your environment (e.g. “staging”, “production”). You may want to keep the name in all lowercase letters without spaces or symbols besides “-“ and “_”, so that filenames and command-lines you’ll use later will be sane. Note the exact name of your Run Environment, as you’ll need this later.
  3. Fill in your AWS account ID and default region. Your AWS account ID is a 12-digit number that you can find by clicking “Support” then “Support Center”. For default region, select the region that you want CloudReactor to run tasks / workflows in (
  4. For Assumable Role ARN fill in the value of CloudreactorRoleARN from the output of the CloudFormation stack.
  5. For External ID, use the same External ID you entered when you created the CloudFormation stack.
  6. For Workflow Starter Lambda ARN, fill in the value of WorkflowStarterARN from the output of the CloudFormation stack.
  7. For Workflow Starter Access Key, fill in the value of WorkflowStarterAccessKey from the output of the CloudFormation stack.
  8. Add the subnets and security group created by the ECS getting started wizard above
  9. Under AWS ECS Settings, choose a Default Launch Type of Fargate and check FARGATE under Supported Launch Types.
  10. For Default Cluster ARN, fill in the Cluster ARN of the ECS cluster you created above
  11. For Default Execution Role and Default Task Role, fill in the value of TaskExecutionRoleARN from the output of the CloudFormation stack.
  12. Click on the Save button
  • CloudReactor configured to run tasks in ECS!

Next steps

At this point, AWS has the required infrastructure to run tasks on ECS, and CloudReactor and AWS can talk to each other.

Now, we can deploy tasks and have them managed by CloudReactor.