Quick Installation

Porter provisions infrastructure in your own AWS account through the AssumeRole operation. Simply put, Porter can assume the role that you create in your own AWS account as long as you declare that you trust Porter to do so. This eliminates the need to rely on static AWS credentials and makes it easier to revoke access for security purposes.

The IAM role Porter creates must be kept in your AWS account for Porter to keep managing your infrastructure. Deleting this role will cause Porter to fail and stop managing your infrastructure.
  1. Once you create and select AWS as your cloud provider, you will be prompted to provide your AWS Account ID. You can find your Account ID at the top right corner of your AWS console. Input your Account ID and click on Grant Permissions.

Account ID

  1. You will be directed to your AWS console to create a CloudFormation stack. This stack will create the role Porter will assume to manage your infrastructure. Scroll to the bottom of the screen. Check the “I acknowledge…” box and click on Create Stack. It may take a few minutes for the role to be fully created.

Create Stack

If you want to use Porter with less expansive permissions than what is provisioned by the CloudFormation stack, please contact us to inquire about Porter Enterprise. Porter Enterprise requires minimum IAM permissions that are smaller in scope.
  1. After creating the role, navigate back to the Porter dashboard and click Continue. You will be prompted to select the AWS region that you want to provision your infrastructure in. Porter supports all AWS regions.


  1. Once you click Provision, Porter will start spinning up the requisite infrastructure in your account. This may take up to 30 minutes.
Common errors you may encounter during this process are AWS quota limits. Porter will prevent you from provisioning until these quota limits have been resolved. Troubleshooting steps will be shown on the dashboard if you encounter these errors.

Once you click Provision Resources, Porter will install all the requisite resources in your AWS account using the IAM credentials you have created. This may take up to 30 minutes.

Deleting Provisioned Resources

For Porter to delete your resources, it needs the IAM role that was initially created during provisioning. Please make sure to delete the resources first, and then delete the IAM role after. If you’ve already deleted the IAM role, you will have to delete the resources directly from the AWS console.

To delete resources that have been provisioned by Porter, click on the Infrastructure tab on the sidebar of the dashboard. There you can find the Delete Cluster button.

Delete cluster

Once the cluster has been deleted, navigate to CloudFormation Stacks in your AWS console to delete the role that was created during initial provisioning. This will revoke Porter’s access to your account. Select the stack named PorterRole and click Delete.

Revoke Access

Deleting resources on AWS via Porter may result in dangling resources. After clicking delete, please make sure to check your AWS console to see if all resources have properly been removed. You can remove any dangling resources via either the AWS console or the CLI.

For a guide on how to delete the dangling resources, see Deleting Dangling Resources.