Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tensor9.com/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks through the installation step by step.

Before You Begin

Make sure you have:
  • Your setup link (provided by us)
  • AWS CLI installed and configured with appropriate permissions
  • Terraform installed (v1.0+)
  • Permissions to create VPCs, subnets, IAM roles, security groups, S3 buckets, and EC2 instances
Open the setup link in your browser.

Step 2: Select AWS and Your Region

Choose AWS as your environment. Select the AWS region where you want the infrastructure deployed. Pick the region closest to your users or the one that matches your compliance requirements.

Step 3: Select Terraform as Your Install Method

Choose Terraform. The system generates a Terraform configuration tailored to your selections.

Step 4: Download and Apply the Infrastructure Template

The first Terraform file creates your foundational infrastructure:
  • A VPC with public and private subnets
  • IAM roles for the controller
  • Security groups with minimal required access
  • An S3 bucket for deployment state
Download the file, then run:
terraform init
AWS_PROFILE=<YOUR_PROFILE> terraform plan    # Review what will be created
AWS_PROFILE=<YOUR_PROFILE> terraform apply
Important: Replace <YOUR_PROFILE> with the name of the AWS CLI profile configured for your dedicated deployment account. Using ambient credentials (e.g., from a different account) can cause errors. You can check your available profiles with aws configure list-profiles.
Review the plan output carefully - it shows exactly what resources will be created in your account. The setup interface auto-advances when it detects the apply has completed.
Tip: You can review the .tf file before applying. Everything is standard Terraform - no custom providers or opaque modules.

Step 5: Download and Apply the Controller Template

Once the infrastructure is in place, a second Terraform file becomes available. This creates the EC2 instance that runs the controller.Download the file, then run:
terraform init
AWS_PROFILE=<YOUR_PROFILE> terraform plan
AWS_PROFILE=<YOUR_PROFILE> terraform apply
The controller instance:
  • Runs in your private subnet (no public IP)
  • Communicates outbound only - no inbound ports are opened
  • Uses the IAM role created in the previous step

Step 6: Wait for the Controller to Come Online

After the controller template is applied, the instance boots and connects to our systems. The setup interface shows progress. This typically takes 2-5 minutes.

Step 7: Configure Your Deployment

Once the controller is online, you move to configuration:
  1. DNS - Choose a domain for the application. See DNS and Domains.
  2. Services - Select any service options relevant to your deployment. See Services.
  3. Secrets - Create any required credentials directly in your AWS account. See Secrets.

Step 8: We Deploy

After configuration is complete, we deploy the application into the environment you prepared. The controller handles the deployment automatically - you don’t need to do anything for this step.

What Gets Created in Your Account

ResourcePurpose
VPCIsolated network for the deployment
Public subnetLoad balancer and NAT gateway
Private subnetController instance (no public IP)
NAT gatewayOutbound internet access for private subnet
IAM rolesPermissions for the controller
Security groupsNetwork access rules (minimal)
S3 bucketDeployment state storage
EC2 instanceRuns the controller
All resources are tagged for easy identification in your AWS console.

Understanding Permissions

The controller’s EC2 instance runs with an IAM instance profile. The role lives in your AWS account, and you can inspect it at any time:
aws iam get-role --role-name <controller-role-name>
aws iam list-attached-role-policies --role-name <controller-role-name>
To revoke access, detach the policies from the role or delete the role entirely. See Revoking Access for details.

Next Steps