Free Training
We provide complimentary training sessions. For more information or to request assistance, please visit our training page.
Deploy the product
First, subscribe to the product on the AWS Marketplace, and then deploy this CloudFormation file.
Steps
A comprehensive list of steps to ensure a successful deployment:
- Verify you are in the correct AWS account.
- Ensure you are in the appropriate region.
- Subscribe to the product using the link provided above, and ensure not to launch the product from the AWS Marketplace.
- Confirm the product was not launched from the AWS Marketplace.
- Deploy the product using the CloudFormation template link provided above.
- Wait for the deployment to complete while continuing to review the remaining documentation.
Initial Startup
Expect a slight delay in the startup time of our product relative to launching an instance with a standard AMI. This occurs as our bespoke software configuration is applied to tailor the product to your needs, extending the initialization process by a few minutes.
Server Connection
To access the server, retrieve its IP address and establish an SSH connection using the ec2-user
username. Ensure you employ the private key chosen during deployment for authentication. Once connected, a customized Message of the Day (MOTD) will welcome you, offering comprehensive details about the product.
Working with PGP - Optional
Creating a PGP Key
To integrate PGP support during deployment, follow these steps to generate a PGP key and prepare it for use:
-
Generate a New Key Pair: Begin by generating a new key pair with your email address.
gpg --quick-generate-key YOUR_EMAIL
-
List Keys to Find the New Key ID: Identify the ID of the newly generated key by listing all secret keys.
gpg --list-secret-keys --keyid-format=long
-
Export the Key: Export the generated key using its ID. This will display the key on the screen.
gpg --armor --export THE_KEY_ID
When exporting the key, note that for deployment, you'll need to remove the header and footer from the displayed key, leaving only the key block. This block consists of two sections: the key itself and the seed (the very last line, not part of the actual key). Save the seed separately for deployment use.
Transform the remaining key block into a single continuous line; this is the format required for pasting during the deployment process.
Generating Keys for Users
-
Create a Subkey for User Encryption: Access the key editing interface for the main key ID.
gpg --edit-key MAIN_KEY_ID
In the interactive mode, use the "addkey" command and choose option 6 for RSA (encrypt only).
-
Identify the New Subkey ID: View the newly created subkey ID by listing keys/subkeys.
gpg --list-secret-keys --keyid-format=long
-
Export the User's Private Subkey: Export the private key associated with the user's GPG interface.
gpg --armor --export-secret-key SUB_KEY_ID
Decrypting Data
To decrypt data, use the following command, replacing decrypted_file.extension
and encrypted_file.extension
with the appropriate filenames:
gpg -o decrypted_file.extension --decrypt encrypted_file.extension
These instructions will guide you through generating and preparing PGP keys for secure data encryption and decryption, enhancing the security of your deployment.
Advanced Details
Key Features
- Unlimited Storage: Offers boundless storage capacity for uploaded data, accommodating large-scale data ingestion without limitations.
- EFS Drive Browsing: Facilitates effortless exploration and access to pre-existing Elastic File System (EFS) drives, enhancing data management efficiency.
- Optional PGP Support: Provides the option for advanced PGP encryption for files at rest, ensuring heightened security for individual files.
Use Cases
The versatility of our product allows for a wide range of applications, limited only by your imagination. Some scenarios to consider include:
- Large-Scale Data Ingestion: Effortlessly ingest and store vast amounts of data at a predictable cost.
- Secure Data Sharing: Facilitate secure data exchanges with financial institutions or other entities requiring stringent data protection measures.
- EFS Drive Management: Easily navigate and access the contents of EFS drives within your account, streamlining data retrieval.
- Enhanced Data Security: Offer a secure repository for sensitive information with the added protection of PGP encryption, ideal for safeguarding critical data.
How To
How To Change the Instance Type
Ensure your data is backed up regularly. A straightforward method includes:
- Navigate to the CloudFormation console.
- Select the stack you wish to update.
- Click the
Update
button. - Proceed with the default option by clicking
Next
. - On the
Parameters
page, select a new instance type from the dropdown menu. - Continue clicking
Next
until the process concludes.
Wait for the stack update to complete.
F.A.Q
These are some of the common solutions to problems you may encounter:
Not authorized for images
My CloudFormation stack encountered a failure with the following error: API: ec2:RunInstances Not authorized for images:...
in the Event tab.
Solution
Before using our CloudFormation file, please ensure that you accept the subscription from the AWS Marketplace.
The product is misbehaving
I followed all the instructions from the documentation.
Solution
Please verify if the values entered in the UserData section have been successfully passed to the instance itself.
sudo cat /var/lib/cloud/instance/user-data.txt
UserData seams ok
The UserData reached the instance, but the product is not behaving as expected.
Solution
Use the following command to check if there were any errors during the boot process.
sudo cat /var/log/messages | grep 0x4447
Issue with EFS backup restoration
I launched the product using an EFS drive restored from a backup, but unfortunately, the product is not functioning as expected..
Solution
You need to reorganize the EFS drive. AWS restores the data, even on a new and empty drive, in special folders called: aws-backup-restore_timestamp-of-restore
. Meaning, AWS does not recreate the original folder structure during the restoration process. Check how AWS restores EFS Backups to learn more.
Before utilizing the restored drive, you have the option to reorganize it using our SFTP product.