Excluding certain domains and subdomains from RONIN

If you are using your RONIN domain for other production services, they need to be identified as "protected domains", so that they can be excluded from the RONIN UI and not break core networking functionality.

We have now created an easier way for administrators of the RONIN AWS account to manage a list of protected domains for RONIN via a Systems Manager Parameter store. This blog post will provide the necessary steps for you to set up the required parameter which will exclude/protect certain domains from RONIN.

  1. In the AWS console of the RONIN account, navigate to the "Systems Manager" service
  2. In the left toolbar, under "Application Management" select the "Parameter Store"
  3. If a "/ronin-protected-domains/1" parameter is not available, select "Create parameter", otherwise select this parameter and click edit to update your protected domains list.
  4. Fill in the new parameter form with the following information:
  • Name: /ronin-protected-domains/1 (This exact name MUST be used for RONIN to use this parameter correctly)
  • Description: New line separated list of domains to be excluded from RONIN (Optional, but helps other administrators in the account understand what the parameter is used for)
  • Tier: Standard
  • Type: String
  • Data Type: Text
  • Value: A newline separated list of domain prefixes (NO commas) you wish to exclude/protect from RONIN. For example, if your RONIN webserver domain is "ronin.myinstitution.cloud" and you have a production server at "production.myinstitution.cloud", you will need to add "production" to the list. Any subdomains must be listed as above, as well as with a period in front of the subdomain to wildcard any domains that may be using the subdomain too e.g. "subdomain.myinstitution.cloud" must be listed as "subdomain" and ".subdomain" in the list to protect something like "machine.subdomain.myinstitution.cloud" from being used in RONIN. Your "Value" section of the parameter form for these examples should then look something like:
production
subdomain
.subdomain
  • Tags: Optional - not required for RONIN functionality.

Click "Create parameter" to set up the new parameter.

💡
If you have a very long list of domains and you run out of characters in the "value" field, you can simply create another parameter called /ronin-protected-domains/2 and continue creating parameters under the /ronin-protected-domains/ list as needed e.g. /ronin-protected-domains/3, /ronin-protected-domains/4 etc. You can also use these lists to separate out domains into categories if desired.

The best way to test if your new parameter has worked is to login to RONIN, select a project, navigate to the "New Machine" screen, select Step 2. "Address" and type in one of the values you put in your protected domains list. If the parameter is working correctly, you will see an error message which states the address is not available for use in RONIN:

You can update or change your list of protected domains in the Parameter Store at any time. The changes will be effective immediately in RONIN and any networking issues should be resolved.