Local
Provides instructions for getting ConsoleMe up and running locally.
ConsoleMe requires Python 3.8 or above. Install git, docker, and docker-compose _**_on your system, consider following Docker's post-installation steps for Linux, then clone ConsoleMe locally in a directory of your choosing via HTTP or SSH:
MacOS
Linux
Ubuntu disco/19.04+, Debian buster/10+
Clone the ConsoleMe repo
Clone ConsoleMe locally in a directory of your choosing:
Start Redis and DynamoDB containers
A local set of Redis and DynamoDB (local) instances need to be set up. These are provided as Docker containers. In a separate terminal window, start the local Redis and dynamodb instances:
Get access to administrative credentials on your account
For an initial setup, we advise making an IAM user with sufficient privileges to allow ConsoleMe to sync your IAM roles, S3 buckets, SQS queues, SNS topics, and AWS Config data. Sections below outline the required permissions. See this page for configuring your user credentials.
After you have ConsoleMe set up, you should no longer need IAM user credentials. Please set a reminder to delete these when you're done with them.
Make a virtual environment and run the installation script
In repo root run make install
. Ensure that you have valid AWS credentials so that ConsoleMe can cache your resources.
Run ConsoleMe's backend with the default configuration
ConsoleMe requires Python 3.8+. If your virtualenv was installed under Python2.x this will blow up. You can usually fix this by uninstalling and reinstalling under python3.x by removing your existing virtualenv and creating a new one with Python 3:
python3 -m venv env
. When themake install
command is running, it will install all the dependencies, and it will also run ConsoleMe Celery tasks to populate its Redis cache if necessary. This also updates the local DynamoDB instance, which persists data on disk. This command will need to be run anytime you want to update your local cache. In a production environment, you'd be running Celery, which has scheduled tasks that would update your resource cache automatically.
For local, unauthenticated development, the default configuration (example_config/example_config_development.yaml
) will override the user you are authenticated as for development.
Browse to ConsoleMe
You should now be able to access the ConsoleMe web UI at http://localhost:8081/ (Or http://localhost:3000 if you ran cd ui ; yarn start
).
You'll notice that you're unable to access any IAM roles with the default configuration. You'll need to follow the guidance under Role Credential Authorization to grant access to role credentials to your users and/or the groups they are members of.
Create your Configuration
At this point, you'll want to configure ConsoleMe to suit your needs. Read up on ConsoleMe’s yaml configuration. ConsoleMe can be configured to authenticate your users via SAML, OIDC, header authentication, or it can bypass authentication altogether. We have a script that can help you generate your ConsoleMe configuration. Read more about that in our Configuration FAQ.
Then, set the CONFIG_LOCATION
environment variable to the full path of your configuration file, or copy the configuration to one of the locations ConsoleMe will load from (described here).
Last updated