Elastic Path Account Management Deployment Guide

Initializing Account Management API Service

Initializing Account Management API Service

  • Ensure that all requirements described in the Requirements section are met.
  • Ensure that the URLs for the Account Management user interface and Keycloak are available.
  • Ensure that Keycloak is configured and deployed.
  • Ensure that the client id and secret value are available.
  • Ensure that the username and password with administrative access to the Master realm in Keycloak is available.
  • Ensure that you have access to the account-management-1.0.0.zip file in the Elastic Path Public Nexus repository.
  • Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, and the username, password, and other connectivity details are available.
  1. Extract the files in the account-management-1.0.0.zip.
    The zip file should extract its contents including the folder `account-management-api`, which contains the code used in this step.
  2. Build the docker image (using `account-management-api/Dockerfile` on your local machine.
  3. Push the Docker image to Amazon Elastic Container Registry (ECR).
  4. Deploy the Docker image in Amazon Elastic Container Service (ECS) with the following environment variables:
    Parameter Value
    API_DB_DRIVER_CLASSNAME com.mysql.jdbc.Driver
    API_DB_USER The username of the administrator account in the MySQL Account Management schema.
    API_DB_PASSWORD The password of the administrator account in MySQL Account Management schema.
    API_DB_CONNECTION_URL jdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8
    EAM_IDP_BASE_URI the Keycloak URI/auth
    EAM_IDP_TOKEN_ENDPOINT the Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token
    EAM_IDP_REALM The id of the Realm.
    EAM_IDP_CLIENT_SECRET The secret generated in the 6.f step.
    EAM_IDP_ADMIN_USERNAME The administrator username.
    EAM_IDP_ADMIN_PASSWORD The administrator password.
    EAM_AUTH_JWT_PRIVATE_KEY The JWT private key. For more information, see the Infrastructure Requirements section.
    EAM_AUTH_JWT_PUBLIC_KEY The JWT public keyshared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section.

    The Keycloak URL to which the storefront redirects when you login. For example, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/auth).


    The Keycloak URL to which the storefront redirects when you logout, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/logout.

  5. Create and configure a new Amazon Elastic Load Balancer (ELB) with the ECS service and appropriate SSL certificates.