Amazon Web Services (AWS) deploy tasks

Deploying to Amazon Web Services includes the following tasks:

 

Amazon Web Services import tasks

Task Description Related Topic(s)
Download the latest OVA Download current version of the Access Gateway OVA. Download the latest OVA image

Install the AWS Command Line Interface

Many of the tasks required for AWS can be done at the command line.

Install and configure AWS command line support

Determine AWS Region AWS regions represent geographical locations where virtual machines are housed. Determine your AWS region
Upload Access GatewayOVA

Uploading the Access Gateway into AWS involves:

  • Creating an S3 bucket.
  • Uploading the OVA to the bucket.

 

Create AWS S3 Bucket

Upload an OVA to an S3 Bucket

Convert Access Gateway OVA to AWS AMI

AWS requires AMI rather then OVA files. To convert an OVA to an AMI:

  • Create required roles and policy.
  • Grant role to bucket.
  • VMImport OVA from bucket.

Create and associate AWS Roles
Import an OVA to AWS
Perform AWS Specific post installation tasks

Most virtualization environments require some post installation tasks. For AWS this includes:

  • Launch instance.
  • Obtain and AWS Elastic IP Address.


Launch AWS Instance

Obtain AWS Elastic IP address

Post deployment tasks

All deployments of Access Gateway require a set of common tasks including:

Task Description Related Topic(s)

First Login

Reset the Access Gateway Management console password.
Reset the virtual appliance at the command line.

First login to Command Line Console
Initialize Access Gateway Command line

Determine the IP Address assigned and configure DNS Determine Access Gateway IP address.

Configure required /etc/hosts admin entry
Configure required DNS entries.
Determine Access Gateway IP address, for non-AWS instances.
Configure Admin /etc/hosts entry
Configure Access Gateway DNS
Initialize Access Gateway

Initialize the cookie domain and instance hostname.


Initialize Access Gateway Console
Configure an identity provider

Configure Okta tenant as identify provider

Setup SAML Access.

Configure your Okta tenant as an Identity Provider

Configure SAML access to Access Gateway from your Okta tenant

Configure Okta Tenant to allow access to Access Gateway using SAML.

Configure Administration Access using SAML

Important Note

Important

When creating a set of Access Gateway nodes, for use in a High Availability Cluster, care should be taken to name the nodes appropriately.
Note also, node names must be resolvable between Access Gateway instances before configuring High Availability.

High availability and load balancer tasks

Organizations which are implementing high availability and load balancing will also want to perform the following tasks.

Task Description Related Topic(s)
Configure Load Balancer Configure a load Balancer and related health checks. Configure Amazon Web Services load balancers
Improve health checks Improve load balancer health monitoring by creating apps which return HTTP 200. Improve AWS Load Balancer Health Monitoring