Getting Started
This manual aims to help users quickly understand the essential functions and processes needed to use CAM effectively.
Network Environment
Access is allowed only from network environments authorized for each tenant.
- CAM portal and console access: can be accessed from the network environment permitted for each tenant.
- DEV, STG, ETC resource access: can be accessed from the allowed network environment for each tenant.
- PRD resource access: It can only be accessed in a network environment where the internet is blocked, and can only be accessed from specific IP ranges per tenant.
- Additional individual PC environment configuration is required.
Preliminary work
To use the CAM portal, several preliminary steps are required. If you are a PM (Project Manager) or PL (Project Leader) group user, please review the cloud account and resource preparation items below and set up the environment in advance.
Prepare cloud account
To register and manage an account in CAM, you first need to create a role in the IAM service of the CSP (AWS, Azure, SCP), configure it with the policies required by CAM, and then assume the role in CAM.
Resource preparation
Resource configuration
To register resources in CAM and connect, several configuration steps are required when setting up the resources.
First, you must enable ‘Password authentication’. Since a One-Time-Password (OTP) for SSH connections is issued when accessing resources from CAM, this configuration is essential for accessing resources through CAM.
Additionally, when the resource type is Compute, you must add the configuration below.
- Add the following content to a file named /etc/sudoers.
- ubuntu : %sudo ALL=(ALL) NOPASSWD:ALL
- amazon linux : %wheel ALL=(ALL) NOPASSWD: ALL
- Restart the server using systemctl restart sshd.service.
Network Settings
To access resources through CAM, you must register firewalls and security groups according to each tenant’s network environment so that CAM can connect to the resources. Please verify the required information with the tenant administrator and proceed with the network configuration.
Service scope
Currently, Console Access supports AWS, Azure, and SCP, while Resource Access supports only AWS. We plan to gradually expand to other CSPs in the future.
| Item | Explanation |
|---|---|
| AWS | Amazon Web Services |
| IAM (Console) | AWS Identity and Access Management |
| SCP | Samsung Cloud Platform (KR EAST1 region, KR WEST1 region) |
| EC2 | Elastic Compute Cloud |
| RDS | Relational Database Service |
| OS | Version |
|---|---|
| Ubuntu | Ubuntu Server 24.04 LTS |
| Ubuntu | Ubuntu Server 22.04 LTS |
| Amazon Linux | Amazon Linux 2023 AMI |
| Redhat | Red Hat Enterprise Linux 9.4 |
| DB Engine | Version |
|---|---|
| PostgreSQL | 16.x |
| MySQL | 8.0.x |
| Aurora PostgreSQL | 15.x |
| Aurora MySQL | 3.05.x |
| Aurora MySQL | 3.04.x |
| Aurora MySQL | 3.03.x |
| MariaDB | 10.11.10x |