Thorn Tech Marketing Ad
Skip to main content
Version: 1.1.1

StorageLink AMI Deployment

Overview

This guide walks you through launching StorageLink as an Amazon Machine Image from the AWS Marketplace.

Launch this software | Usage Instructions

The Launch this software page is a much simpler version of the EC2 launch wizard. You configure just a handful of frequently used parameters such as Instance Type and Subnet Settings.

Choose Action

Select Launch from Website to use this simplified EC2 launch page.

If you need to configure options not listed on this page (e.g. tags or disk volume size), select Launch through EC2. This will take you through the standard EC2 launch wizard instead.

EC2 Instance Type

For testing, use a t3.medium. The t3 class is cheaper, but cannot handle sustained traffic.

For production, use an m5.large or better.

VPC Settings

Choose the default vpc, which is public by default. This launch form doesn't designate the default vpc with a * as advertised, but there's another way to figure this out.

Select different vpc options while keeping an eye on the Subnet Settings below. When the subnets start with 172.31., you found the default vpc.

Subnet Settings

It doesn't matter which subnet you choose, since all subnets within the default vpc are public. Just verify that the subnet starts with 172.31.

Security Group Settings

  1. Click the button Create New Based On Seller Settings to create a new security group
  2. Enter a Name and Description
  3. For each port (22, 80, 443), change the Source to Custom IP
  4. Get your current IP address from http://checkip.dyndns.org/
  5. Enter this as the source IP, followed by /32. For example, 1.2.3.4/32
  6. Click Save

Key Pair Settings

Select a key pair of which you own the private key

Post configuration

After launching the EC2 instance, you need to manually perform a few initialization steps.

Create an IAM policy

An IAM policy grants permissions such as creating S3 buckets, listing KMS keys, and writing CloudWatch logs.

  1. Go to the AWS console > IAM > Policies
  2. Click Create policy
  3. Select the JSON tab
  4. Paste in the sample JSON snippet (see below)
  5. On the Review policy page, type StorageLinkPolicy for the Name
  6. Click Create Policy

Sample JSON snippet:

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::swiftgateway-i-*"
]
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:CreateLogGroup",
"ec2:DescribeInstances",
"ec2:DescribeTags",
"s3:ListAllMyBuckets",
"kms:ListAliases",
"kms:ListKeys"
],
"Resource": "*"
}
]
}

Note: If you know you need to create S3 buckets per-user, open up the permissions like this:

        {
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}

Create an IAM role

  1. Go to the AWS console > IAM > Roles
  2. Click Create role
  3. When choosing a service for this role, click EC2 and then click Next: Permissions
  4. On the attach a permissions policy page, look for Filter policies and select Customer managed
  5. Check the box next to StorageLinkPolicy, which you created earlier
  6. Click Next: Tags
  7. Click Next: Preview
  8. Type in StorageLinkRole as the Role name
  9. Click Create role

Attach the IAM role

  1. Go to the AWS console > EC2 > Instances
  2. Check the box next to your StorageLink instance
  3. Click on Actions > Instance Settings > Attach/Replace IAM Role
  4. Select the StorageLinkRole IAM role you created earlier
  5. Click Apply

Associate an Elastic IP address

As with any server, you want to assign it an Elastic IP address, which is like a static IP address. Otherwise, your public IP address will change whenever you stop the EC2 instance.

  1. Go to the AWS console > EC2 > Elastic IPs
  2. Click Allocate new address
  3. Click Allocate
  4. Click on the newly allocated IP address
  5. Under Actions, select Associate address
  6. From the Instance drop-down, select your EC2 instance
  7. Click Associate