The following steps guide you through the process of creating a cluster and deploying a sample app. This example assumes that you have successfully [installed and set up Constellation](,
and have access to a cloud subscription.
If you don't have a cloud subscription, you can also set up a [local Constellation cluster using virtualization](../getting-started/ for testing.
If you encounter any problem with the following steps, make sure to use the [latest release]( and check out the [known issues](
## Create a cluster
1. Create the [configuration file](../workflows/ and state file for your cloud provider.
This command creates IAM configuration for the AWS zone `us-east-2a` using the prefix `constellTest` for all named resources being created. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
You can find a list of regions that support AMD SEV-SNP in [AWS's documentation](
If you require the OS image to be available in another region, [let us know](
You can find a list of all [regions in AWS's documentation](
constellation iam create azure --region=westus --resourceGroup=constellTest --servicePrincipal=spTest --update-config
This command creates IAM configuration on the Azure region `westus` creating a new resource group `constellTest` and a new service principal `spTest`. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
CVMs are available in several Azure regions. Constellation OS images are currently replicated to the following:
If you require the OS image to be available in another region, [let us know](
You can find a list of all [regions in Azure's documentation](®ions=all).
constellation iam create gcp --projectID=yourproject-12345 --zone=europe-west2-a --serviceAccountID=constell-test --update-config
This command creates IAM configuration in the GCP project `yourproject-12345` on the GCP zone `europe-west2-a` creating a new service account `constell-test`. It also updates the configuration file `constellation-conf.yaml` in your current directory with the IAM values filled in.
Note that only regions offering CVMs of the `C2D` or `N2D` series are supported. You can find a [list of all regions in Google's documentation](, which you can filter by machine type `C2D` or `N2D`.
To learn about all options you have for managing IAM resources and Constellation configuration, see the [Configuration workflow](../workflows/
In case you don't have access to CVMs on Azure, you may use less secure [trusted launch VMs](../workflows/ instead. For this, set **confidentialVM** to `false` in the configuration file.
3. Create the cluster. `constellation apply` uses options set in `constellation-conf.yaml`.
If you want to manually manage your cloud resources, for example by using [Terraform](../reference/, follow the corresponding instructions in the [Create workflow](../workflows/
On Azure, you may need to wait 15+ minutes at this point for role assignments to propagate.
constellation apply -y
This should look similar to the following:
$ constellation apply -y
Checking for infrastructure changes
The following Constellation cluster will be created:
3 control-plane nodes of type n2d-standard-4 will be created.
1 worker node of type n2d-standard-4 will be created.
Cloud infrastructure created successfully
Your Constellation master secret was successfully written to ./constellation-mastersecret.json
Initializing cluster
Installing Kubernetes components
Your Constellation cluster was successfully initialized.
Use the CLI to terminate your cluster. If you manually used [Terraform](../reference/ to manage your cloud resources, follow the corresponding instructions in the [Terminate workflow](../workflows/
constellation terminate
This should give the following output:
$ constellation terminate
You are about to terminate a Constellation cluster.
All of its associated resources will be DESTROYED.
This action is irreversible and ALL DATA WILL BE LOST.
Do you want to continue? [y/n]:
Confirm with `y` to terminate the cluster:
Terminating ...
Your Constellation cluster was terminated successfully.
Optionally, you can also [delete your IAM resources](../workflows/