Preliminaries
Create two IAM accounts: an admin to set up and modify the network using the shrineNetworkLifecycle command line tool, and one for the hub tomcat process to use to send and receive messages. That admin account will need : TODO - and how to do it
Configure the Hub's shrine.conf
In tomcat's shrine.conf in the hub, turn off the in-tomcat messaging by setting shrine.hub.messagequeue.blockingWebApi.enabled to it's default false value by removing it from the hub block:
shrine { ... hub { create = true }//hub ... }//shrine
Tomcat will need the hub's AWS SQS credentials to send and receive messages. Add your access ID and secret to tomcat's password.conf:
shrine.aws.accessKeyId = "HUBAWSKEYID" //the hub's AWS access key id - usually all capitals and numbers shrine.aws.secretAccessKey = "hubAwsSecretKey" //the hub's AWS secret key - very long, mixed case letters and numbers
Configure shrineNetworkLifecycle
The shrineNetworkLifecycle needs the admin AWS credentials to create, modify, and delete AWS SQS Queues. Add that to the shrineNetworkLifecycle's conf/password.conf :
shrine.aws.accessKeyId = "ADMINAWSKEYID" //the admin AWS access key id - usually all capitals and numbers shrine.aws.secretAccessKey = "AdminAwsSecretKey" //the admin AWS secret key - very long, mixed case letters and numbers
network.conf
To use AWS SQS: in network.conf, specify an aws.sqs section with the specifics to share with downstream nodes:
shrine { network { network { name = "Network Name" hubQueueName = "hub" adminEmail = "yourEmail@yourhospital.edu" momId = "arn:aws:iam::1234567890:user/your-hub" aws.sqs = { queueOwnerAWSAccountId = "1234567890" //Digits networkPrefix = "shrine-dev" region = "us-east-1" } } nodes = [ { name = "Hub's node" key = "hub-node" userDomainName = "network-hub" queueName = "hubNode" sendQueries = "false" adminEmail = "yourEmail@yourhospital.edu" momId = "arn:aws:iam::1234567890:user/your-hub" } ] } }
The hub owns all of the AWS SQS queues. Find the queue owner's account ID by TODO
Choose a network prefix. This will be prepended to queue names to allow managing multiple networks in the same AWS account.
Use AWS IAM identity names of the account to receive the messages for the momId. Find this by TODO
Note that the network's momId is the same as hub's node. Each downstream node will have its own AWS AIM identity from its own AWS account.