Deploy the product

Steps

A comprehensive list of steps to ensure a successful deployment:

1. Verify you are in the correct AWS account.
2. Ensure you are in the appropriate region.
3. Subscribe to the product using the link provided above, and ensure not to launch the product from the AWS Marketplace.
4. Confirm the product was not launched from the AWS Marketplace.
5. Deploy the product using the CloudFormation template link provided above.
6. Wait for the deployment to complete while continuing to review the remaining documentation.

Initial Startup

Expect a slight delay in the startup time of our product relative to launching an instance with a standard AMI. This occurs as our bespoke software configuration is applied to tailor the product to your needs, extending the initialization process by a few minutes.

Server Connection

To access the server, retrieve its IP address and establish an SSH connection using the ec2-user username. Ensure you employ the private key chosen during deployment for authentication. Once connected, a customized Message of the Day (MOTD) will welcome you, offering comprehensive details about the product.

Working with PGP - Optional

Creating a PGP Key

To integrate PGP support during deployment, follow these steps to generate a PGP key and prepare it for use:

1. Generate a New Key Pair: Begin by generating a new key pair with your email address.

   gpg --quick-generate-key YOUR_EMAIL
   

2. List Keys to Find the New Key ID: Identify the ID of the newly generated key by listing all secret keys.

   gpg --list-secret-keys --keyid-format=long
   

3. Export the Key: Export the generated key using its ID. This will display the key on the screen.

   gpg --armor --export THE_KEY_ID
   

When exporting the key, note that for deployment, you'll need to remove the header and footer from the displayed key, leaving only the key block. This block consists of two sections: the key itself and the seed (the very last line, not part of the actual key). Save the seed separately for deployment use.

Transform the remaining key block into a single continuous line; this is the format required for pasting during the deployment process.

Generating Keys for Users

1. Create a Subkey for User Encryption: Access the key editing interface for the main key ID.

   gpg --edit-key MAIN_KEY_ID
   

   In the interactive mode, use the "addkey" command and choose option 6 for RSA (encrypt only).

2. Identify the New Subkey ID: View the newly created subkey ID by listing keys/subkeys.

   gpg --list-secret-keys --keyid-format=long
   

3. Export the User's Private Subkey: Export the private key associated with the user's GPG interface.

   gpg --armor --export-secret-key SUB_KEY_ID
   

Decrypting Data

To decrypt data, use the following command, replacing decrypted_file.extension and encrypted_file.extension with the appropriate filenames:

gpg -o decrypted_file.extension --decrypt encrypted_file.extension

These instructions will guide you through generating and preparing PGP keys for secure data encryption and decryption, enhancing the security of your deployment.

Advanced Details

Key Features

• Unlimited Storage: Offers boundless storage capacity for uploaded data, accommodating large-scale data ingestion without limitations.
• EFS Drive Browsing: Facilitates effortless exploration and access to pre-existing Elastic File System (EFS) drives, enhancing data management efficiency.
• Optional PGP Support: Provides the option for advanced PGP encryption for files at rest, ensuring heightened security for individual files.

Use Cases

The versatility of our product allows for a wide range of applications, limited only by your imagination. Some scenarios to consider include:

• Large-Scale Data Ingestion: Effortlessly ingest and store vast amounts of data at a predictable cost.
• Secure Data Sharing: Facilitate secure data exchanges with financial institutions or other entities requiring stringent data protection measures.
• EFS Drive Management: Easily navigate and access the contents of EFS drives within your account, streamlining data retrieval.
• Enhanced Data Security: Offer a secure repository for sensitive information with the added protection of PGP encryption, ideal for safeguarding critical data.

How To

How To Change the Instance Type

Ensure your data is backed up regularly. A straightforward method includes:

1. Navigate to the CloudFormation console.
2. Select the stack you wish to update.
3. Click the Update button.
4. Proceed with the default option by clicking Next.
5. On the Parameters page, select a new instance type from the dropdown menu.
6. Continue clicking Next until the process concludes.

Wait for the stack update to complete.

F.A.Q

These are some of the common solutions to problems you may encounter:

Not authorized for images

My CloudFormation stack encountered a failure with the following error: API: ec2:RunInstances Not authorized for images:... in the Event tab.

The product is misbehaving

I followed all the instructions from the documentation.

sudo cat /var/lib/cloud/instance/user-data.txt

UserData seams ok

The UserData reached the instance, but the product is not behaving as expected.

sudo cat /var/log/messages | grep 0x4447

Issue with EFS backup restoration

I launched the product using an EFS drive restored from a backup, but unfortunately, the product is not functioning as expected..