# Install Dependencies
The okta-dac and byob-dashboard projects need to install custom serverless components within AWS and also refer to entities defined within the Okta tenant. These projects leverage Serverless to set up all the infrastructure as code.
# Install Terraform
Terraform is used to set up Okta.
See installation instructions here for your operating system: https://learn.hashicorp.com/terraform/getting-started/install.html

```
# e.g. Mac OS X homebrew:
$ brew install hashicorp/tap/terraform
```
# Install Serverless
Serverless is used to set up AWS.
See installation instructions here for your operating system: https://www.serverless.com/framework/docs/getting-started/

```
# e.g. Mac OS X via npm:
$ npm install -g serverless
```
# Install AWS CLI
The AWS CLI will be used by Serverless to deploy to AWS.
See installation instructions here for your operating system: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html
# Enable Programmatic Access to AWS
To enable programmatic access to AWS within Terraform and Serverless, you will need to create an IAM user with sufficient admin privileges.

- Log in to the AWS account where you plan to host the BYOB artifacts and navigate to the
- Add User. Make sure to check Programmatic access as the access type.
- Set Permissions, select Attach existing policies directly.
- Administrator Access policy as below:
- Optional: Create a tag with key okta with value
- Next: Review to review the user configuration.
- Once the user is created, you can download the csv with the Access Key ID and Secret access key.
# Create Named Profile in AWS CLI
The terraform and serverless scripts will use credentials defined in the named profile
Using the credentials (Access Key ID and Secret access key) from the previous step, configure an AWS profile with the following command:

```
serverless config credentials --provider aws --key <AWS_ACCESS_KEY_ID> --secret <AWS_SECRET_ACCESS_KEY> --profile serverless-okta
```
For more info about the above command see cli-configure-profiles.
You can verify the presence of the named profile in the
See the terminal console output below:
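
To check the named profile without printing the secret, the following shell sketch (an added example, not part of the original page or the BYOB projects) confirms that a `[serverless-okta]` section holds both keys and that the credentials file is accessible only by its owner. It assumes the AWS CLI's shared credentials file format; the function name, sample file and key values are constructed for illustration.

```shell
#!/bin/sh
# check_profile FILE PROFILE  (hypothetical helper, not part of any AWS tool)
# Exit status: 0 = profile holds both keys and FILE is owner-only,
#   1 = FILE missing, 2 = no [PROFILE] section, 3 = a key is missing,
#   4 = FILE is accessible by group or others.
# Only key names are read into variables; secret values are never printed.
check_profile() {
    file=$1
    profile=$2
    [ -f "$file" ] || return 1
    keys=$(awk -v want="[$profile]" '
        { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line ~ /^\[.*\]$/ { in_sec = (line == want); if (in_sec) found = 1; next }
        in_sec && index(line, "=") { k = substr(line, 1, index(line, "=") - 1)
                                     gsub(/[ \t]/, "", k); print k }
        END { if (!found) exit 2 }
    ' "$file") || return 2
    for k in aws_access_key_id aws_secret_access_key; do
        printf '%s\n' "$keys" | grep -qx "$k" || return 3
    done
    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld "$file" | cut -c5-10)" = "------" ] || return 4
    return 0
}

# Constructed sample so the example runs offline; the key values are fake.
demo=$(mktemp -d)
cat > "$demo/credentials" <<'EOF'
[default]
aws_access_key_id = AKIAFAKEDEFAULT00000

[serverless-okta]
aws_access_key_id = AKIAFAKEEXAMPLE00000
aws_secret_access_key = fake-secret-constructed-for-this-example
EOF

chmod 600 "$demo/credentials"
check_profile "$demo/credentials" serverless-okta \
    && echo "mode 600: profile ok" || echo "mode 600: status $?"
chmod 644 "$demo/credentials"
check_profile "$demo/credentials" serverless-okta \
    && echo "mode 644: profile ok" || echo "mode 644: rejected, status $?"
```

Against a real setup, call `check_profile "$HOME/.aws/credentials" serverless-okta`; that path is the AWS CLI default location and is an assumption about where the profile was written.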
# Enable Programmatic Access to Okta
To enable programmatic access to Okta within Terraform, you need to do the following:
Log in to the Admin dashboard of the Okta tenant. Make sure to log in as a user with sufficient privileges to create entities like Applications and Authorization Servers.
Security -> API -> Tokens
Create a Token. You can name the token
Make sure to copy the created token. This will be used in Terraform.