We’re integrating Tectonic with Red Hat OpenShift

We are bringing the best of Tectonic to Red Hat OpenShift to build the most secure, hybrid Kubernetes application platform.

AWS: Installation Requirements

What You Need

  • Access Key and Secret
  • Region and Availability Zone to use
  • Tectonic License and Pull Secret
  • SSH Key pair in that region
  • KMS Key in that region or access rights for Tectonic to generate one
  • A Public Route53 Hosted Zone identifier. Public Route53 resolution is a requirement for controller-worker TLS communication. Tectonic will generate 2 subdomains in this Hosted Zone during provisioning.
  • A current version of the Google Chrome or Mozilla Firefox web browser to run Tectonic Installer.


The AWS Access Key you provide requires access to the following AWS services:

  • CloudFormation
  • ELB
  • EC2
  • KMS
  • Route53
  • S3
  • Security Groups
  • VPC

An importable AWS policy containing the minimum privileges needed to run the Tectonic installer can be found here.

Credentials are never stored and are only available in-memory during the lifetime of your installer execution. They are only transmitted when making the necessary requests to AWS APIs.


In order to access to the cluster 2 ELB backed services are exposed, both over the standard TLS port (443).