Zum Hauptinhalt springen

Before you begin

Once you have the prerequisites, prepare for the installation.

Clone the repo

Clone the AI Unlimited GitHub repository. The deployments folder in the repository contains template, parameter, and policy files for installing AI Unlimited.

Open a terminal window, and clone the repository.

Prepare your AWS account

Create an IAM role and attach policies

Use IAM roles and policies to grant AI Unlimited permissions to deploy and access AWS resources.

You have the option to either let the CloudFormation template create a new role along with the necessary policies, or you can use an existing role and attach the required policy to it. If you have the permission to create IAM resources, the CloudFormation template can create the roles and policies for AI Unlimited. Otherwise, you can utilize an existing role and attach required policies based on your permissions and specific needs.

AI Unlimited can pass the role and policies that you provide to the cluster.

See Creating roles and attaching policies (console).

Holding on to this next sentence as is for the time being, but we have to be careful about documenting a third-pary UI:

Configure these policies in the AWS Management Console in Security & Identity > Identity & Access Management > Create Policy.

Use these JSON samples to create the policies you need, and attach them to the role:

  • ai-unlimited-workspaces.json: Includes permissions to create engine instances, and grants AI Unlimited permissions to create a cluster-specific role and policies.

  • ai-unlimited-without-iam-role-permissions.json: Includes permissions to create engine instances, but not those needed for AI Unlimited to create cluster-specific roles and policies. Use this, and ai-unlimited-engine.json, if your AWS account has restrictions that won't allow AI Unlimited to create roles and policies.

  • ai-unlimited-engine.json: Allows AI Unlimited to pass the role to the cluster each time the engine is deployed. Use this with ai-unlimited-without-iam-role-permissions.json. Modify the policy with your your account details.

    If AI Unlimited creates cluster-specific policies, they are restricted as follows:

    For the role you provide, you can't predict the cluster name, so use a wildcard in the policy (which one?).

  • session-manager.json: Includes permissions to interact with the AWS Session Manager. Use this if you plan to use Session Manager to connect to the engine to closely manage it.

Create a GitHub or GitLab OAuth app

Create an OAuth app so that AI Unlimited can authorize your GitHub or GitLab account to store user and project information.

  1. Sign in to your Git repository.

  2. Create an OAuth app. See GitHub: Create an OAuth app or GitLab: Create an OAuth app.

    While registering the OAuth app, use these URLs.

    • Homepage URL:

      • If you are using the QuickStart, http://localhost:3000

      • For a demo or full installation, http://[ip_or_hostname]:[port]

    • Authorization callback URL: [Homepage URL]/auth/github/callback

    For GitLab, select the appropriate OAuth Scopes as defined in Authorized Applications.

  3. Copy and retain the Client ID and Client secret. You'll use them to authorize AI Unlimited to save user and project information.

Get deployment details

When you install the manager using a CloudFormation template, you'll provide account and network details.

You can copy this template to get these details from an admin. Or, get them from the AWS Management Console.

These are the required parms, but the customer's org may require more. Can't put a table (of the full set) in a code block.

Subscribe to AI Unlimited

Subscribe on the AWS Marketplace replace w/link to listing

Then return to this documentation site to set up AI Unlimited.