Elastic Path Account Management Deployment Guide

Initializing Account Management API Service

Initializing Account Management API Service

  • Ensure that all requirements described in the Requirements section are met.
  • Ensure that the URLs for the Account Management user interface and Keycloak are available.
  • Ensure that Keycloak is configured and deployed.
  • Ensure that the client id and secret value are available.
  • Ensure that the username and password with administrative access to the Master realm in Keycloak is available.
  • Ensure that you have access to the account-management-1.0.0.zip file in the Elastic Path Public Nexus repository.
  • Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, and the username, password, and other connectivity details are available.
  1. Extract the files in the account-management-1.0.0.zip.
    The zip file should extract its contents including the folder `account-management-api`, which contains the code used in this step.
  2. Build the docker image (using `account-management-api/Dockerfile` on your local machine.
  3. Push the Docker image to Amazon Elastic Container Registry (ECR).
  4. Deploy the Docker image in Amazon Elastic Container Service (ECS) with the following environment variables:
    Parameter Value
    API_DB_DRIVER_CLASSNAME com.mysql.jdbc.Driver
    API_DB_USER The username of the administrator account in the MySQL Account Management schema.
    API_DB_PASSWORD The password of the administrator account in MySQL Account Management schema.
    API_DB_CONNECTION_URL jdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8
    EAM_IDP_BASE_URI the Keycloak URI/auth
    EAM_IDP_TOKEN_ENDPOINT the Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token
    EAM_IDP_REALM The id of the Realm.
    EAM_IDP_CLIENT_ID eam
    EAM_IDP_CLIENT_SECRET The secret generated in the 6.f step.
    EAM_IDP_ADMIN_REALM master
    EAM_IDP_ADMIN_CLIENT_ID admin-cli
    EAM_IDP_ADMIN_USERNAME The administrator username.
    EAM_IDP_ADMIN_PASSWORD The administrator password.
    EAM_AUTH_JWT_PRIVATE_KEY The JWT private key. For more information, see the Infrastructure Requirements section.
    EAM_AUTH_JWT_PUBLIC_KEY The JWT public keyshared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section.
    STUDIO_LOGIN_REDIRECT_URL

    The Keycloak URL to which the storefront redirects when you login. For example, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/auth).

    STUDIO_LOGOUT_REDIRECT_URL

    The Keycloak URL to which the storefront redirects when you logout, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/logout.

  5. Create and configure a new Amazon Elastic Load Balancer (ELB) with the ECS service and appropriate SSL certificates.