Launch the Identity Router for Amazon Web ServicesLaunch the Identity Router for Amazon Web Services
Use the identity router Amazon Machine Image (AMI) provided by SecurID to launch the identity router as a virtual instance in your Amazon Web Services (AWS) cloud environment. You configure your Amazon environment and deploy AMIs using the Elastic Compute Cloud (EC2) web-based interface.
Before you begin
- You must be a Super Admin in the Cloud Administration Console.
- Your Amazon environment must meet the Amazon Web Services Identity Router Deployment Requirements.
- Obtain the Identity Router Image.
Procedure
- Sign into Amazon EC2.
-
Follow the AWS documentation provided by Amazon to install the virtual instance using the AMI.
When prompted, specify the following:
Setting Description AMI template The AMI template image provided by SecurID. Instance type Determines presets for the virtual instance. The identity router requires a t2.large instance or greater. Virtual Private Cloud (VPC) The section of your Amazon environment where you will deploy the identity router. Subnet A subnetwork within your VPC where you will deploy the identity router. The subnet can be public or private, depending on how resources and users will connect to the identity router. Auto-assign Public IP Determines whether Amazon issues dynamic public IP addresses for the identity router, or the IP address is determined by the subnet settings. If your organization manages its own DNS service, SecurID recommends allocating a persistent Elastic IP address through AWS, and assigning it to the identity router instance after you complete the instance launch process. Storage Virtual storage space. The identity router requires 54 GB General Purpose SSD (GP2) storage. Tags Optional labels that describe this identity router. SecurID recommends adding a tag specifying the Fully Qualified Domain Name, which acts as a unique identifier to differentiate this identity router from others in your deployment. Security groups Firewall rules that control traffic to and from the identity router. Add security groups that allow necessary traffic from other network resources according to your deployment model. See Identity Router Network Interfaces and Default Ports. - Review the configuration and launch the instance.
- If prompted to select a key pair, select Proceed without a keypair.
- Use the Get instance screenshot feature to monitor instance deployment status. When deployment is complete, the screenshot displays the URL for the Identity Router Setup Console.
After you finish
Configure Network Settings Using the Identity Router Setup Console.
