Deploy an AWS server with a cloud account

This topic explains how to deploy an Ubuntu or Debian Amazon Web Services (AWS) cloud server with systemd to your Advanced Server Access team. You may need to modify this process to fit your specific needs.

Creating a cloud server with user data means installing the Advanced Server Access server agent when you create a server with a cloud provider. Using user data to install software on a new cloud server can be done through any cloud provider, though the user data that is used helps dictate the specific software that's needed. For Advanced Server Access, user data is used to install the Advanced Server Access agent on your cloud server. Installing the Advanced Server Access server agent on a cloud server doesn't need to be done when the cloud server is created, but running the installation as user data alongside a server's creation ensures that your cloud deployment is as safe and secure as possible.

• Prerequisites
• Create a server from the AWS Management console
• Enroll your server in Advanced Server Access by attaching your cloud account
• Next steps

Prerequisites

Amazon Web Services

Requirement	Description
Amazon Web Services Account	An Amazon Web Services account is needed to access the AWS Management console, where you create virtual machines for your team.

Advanced Server Access

Requirement	Description
Advanced Server Access team	The top-level object that represents an Okta org within Advanced Server Access.
Advanced Server Access project	The authorization-scope of your team, organizing your users, groups, and servers.

Create a server from the AWS Management console

1. Sign in to the AWS Management console.
2. Click the Services tab at the top of the console and select the EC2 option in the Compute category to create a EC2 Server.
3. Click Launch Instance.
4. On the Choose an Amazon Machine Image page, scroll down and select a supported version of Ubuntu.

   This sets your new instance as an Ubuntu/Debian server with systemd.

5. On the Choose an Instance Type page, click Next: Configure Instance Details.
6. Select the Advanced Details box on the Configure Instance Details page to access the User Data field.
7. When creating a server in your AWS Management console, you must install Advanced Server Access server agent. Use the User data field to install the Advanced Server Access server agent. See Install the Advanced Server Access server agent for instructions.
8. Click Review and Launch, then click Launch.

   The Select an existing key pair or create a new key pair dialog appears.

9. Select the Proceed without a key pair option from the dropdown menu.
10. Confirm and acknowledge your choice by selecting the relevant checkbox, then click Launch Instances.
11. Click View Instances.

    You should see the new server being initialized on the Instances page.

Enroll your server in Advanced Server Access by attaching your cloud account

1. In theAmazon Web Services management console, select the dropdown menu next to your profile name at the top of the page and click My Account.
2. Copy your account ID number under Account Settings.
3. Go to your team's dashboard within the Advanced Server Access console.
4. Click the Projects header at the top of the console and select a project for your server.
5. Click the Enrollment tab within your project's console.
6. Click Add Cloud Account.
7. Paste your Amazon Web Services account ID number in the Account ID field, and add a description if needed.
8. Click Submit.
9. Go to the Servers tab and confirm that your new server is listed.

Confirm that your new servers are listed in the Server tab of your Advanced Server Access project before you attempt to connect to them.

Next steps

Verify server enrollment