AWS Installation

This guide covers what you need to provide to install DuploCloud AI Helpdesk on AWS and what DuploCloud will set up in your environment.

Overview

The installation deploys the following components into a dedicated namespace in your Kubernetes cluster:

All components run entirely within your AWS account.

Deployment Scenarios

Ideal: Fresh AWS Account (Recommended)

The cleanest path is to provide a dedicated, empty AWS account for DuploCloud AI HelpDesk. This gives DuploCloud full control to create all required infrastructure from scratch — VPC, EKS cluster, EFS, security groups, ACM certificates — with no risk of conflicting with existing workloads.

What you do:

1. Create a new AWS account (or sub-account in your AWS Organization)

2. Create an IAM user with full admin access and share the credentials with DuploCloud

3. DuploCloud handles everything from there

This is the fastest path to a clean, reproducible installation.

Alternative: Existing AWS Account

If you prefer to install into an existing AWS account (e.g. alongside other workloads), this is fully supported. DuploCloud HelpDesk deploys into a dedicated Kubernetes namespace and does not modify any resource that was created outside of Duplo.

What you need to ensure:

• An existing EKS cluster with available node capacity

• A VPC with public subnets for the ALB

• Permission to create EFS, security groups, and ACM certificates in the account

Installation Requirements

In either of the scenarios above, we will need:

1. AWS Access

2. Kubernetes Cluster

No cluster yet? If you don't have an EKS cluster, DuploCloud will create one. Full admin access to the account is required for this.

Sharing a cluster: Multiple applications can coexist in the same EKS cluster — each runs in its own namespace. HelpDesk deploys into duploservices-<name> by default.

3. Domain and DNS

4. Administrator Emails

These accounts receive full administrative access to DuploCloud after installation.

Granting Installer Access

DuploCloud requires full admin access to your AWS account to perform the installation — this is needed to create the VPC, EKS cluster, EFS, load balancer, security groups, and ACM certificates.

The recommended approach is to create a dedicated IAM user with AdministratorAccess and share the credentials securely with DuploCloud:

1. In the AWS Console → IAM → Users → Create user

2. Name it duplocloud-installer (or similar)

3. Attach the AdministratorAccess policy directly

4. Under Security credentials → create an Access Key (for CLI use)

5. Share the Access Key ID and Secret Access Key with DuploCloud

Alternatively, if your organization uses IAM roles, you can create a role with AdministratorAccess and add DuploCloud's IAM identity as a trusted principal so we can assume it. DuploCloud will confirm the exact trust policy configuration.

After installation: Access can be revoked by deleting the IAM user or role. If you require tighter permission scoping, contact DuploCloud — scoped IAM policies are available for environments where full admin access is not permitted.

What DuploCloud Will Do

Once credentials are shared, our team handles the full installation end-to-end:

• Provision infrastructure (if starting fresh) — create the VPC, EKS cluster, node groups, EFS filesystem, security groups, and ACM certificate

• Deploy HelpDesk — install all components via Helm chart into a dedicated namespace

• Configure networking — set up the ALB ingress, SSL termination, and DNS records for your portal domain

• Set up your environment — configure the first providers, skills, and workspaces so your team can get started right away

• Verify and hand off — confirm all services are healthy and provide the application URL

Total time is typically 30–60 minutes.

Connecting AWS to DuploCloud (Post-Installation)

Once the portal is live, you can connect AWS accounts to it so the AI agent can query and manage your infrastructure. See the AWS Provider guide for full setup instructions, including using the CloudFormation template to create the required IAM roles.