Deploy an Ubuntu/Debian Amazon Web Services server with user data and an attached cloud account
This guide provides the information you need to deploy an Ubuntu/Debian Amazon Web Services Cloud server with systemd to your Advanced Server Access team. Depending on your target server and enrollment type some topics in this guide may not apply to you, such as if your team's project does not have a cloud account added or you plan to add a different server type to your project. Modify your steps as needed to fit your team, or refer to a different guide on the cloud deployments page.
Creating a cloud server with user data means installing the Advanced Server Access agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. when you create a server with a cloud provider. Using user data to install software on a new cloud server can be done through any cloud provider, though the user data that is used helps dictate the specific software that's needed. For Advanced Server Access, user data is used is to install the Advanced Server Access agent on your cloud server. Installing the Advanced Server Access Agent on a Cloud Server doesn't need to be done when the cloud server is created, but running the installation as user data alongside a server's creation ensures that your cloud deployment is as safe and secure as possible.
You need the following permissions and resources to deploy an Amazon Web Services Server with Userdata
Amazon Web Services
|Amazon Web Services Account||An Amazon Web Services account is needed to access the AWS Management console, where you can create a virtual machine for your team.|
Advanced Server Access
|Advanced Server Access Team||This is the top-level object that is representing an organization within Advanced Server Access.|
|Advanced Server Access Project||This is the authorization-scope of your team, organizing your users, groups, and servers.|
Deploying an Amazon Web Services server with user data consists of two procedures:
- Create a server from the Amazon Web Services Management console
- Enroll your server in Advanced Server Access by attaching your cloud account
Sign in to the Amazon Web Services Management console.
- Click the Services tab at the top of the console and select the EC2 option in the Compute category to create a new EC2 Server.
- Click Launch Instance.
- On the Choose an Amazon Machine Image page, scroll down the page and click the Select button for Ubuntu server 16.04 LTS (HVM), SSD Volume Type. Doing this sets your new instance as an Ubuntu/Debian Server with systemd.
- On the Choose an InstanceAn instance, or computer instance, is a virtual machine (VM) or individual physical computer, used to host a software appliance. Type page, click Next: Configure Instance Details.
- Select the Advanced Details box on the Configure Instance Details page to access the User Data field.
In the User data field, copy and paste the following text:
echo "deb http://pkg.scaleft.com/deb linux main" | sudo tee -a /etc/apt/sources.list
curl -C - https://dist.scaleft.com/pki/ scaleft_deb_key.asc | sudo apt-key add -
sudo apt-get update
sudo atp-get install -y scaleft-server-tools
- Click Review and Launch, then click Launch. The Select an existing key pair or create a new key pair dialog box appears.
- Select the Proceed without a key pair option from the drop-down box.
- Confirm and acknowledge your choice by selecting the relevant check box, then click Launch Instances.
- Click View Instances. You should see the new server being initialized on the Instances page.
- Within the Amazon Web Services management console, select the dropdown next to your profile name at the top of the page and click My Account.
- Copy your account ID number under Account Settings.
Navigate to your team's dashboard within the Advanced Server Access console.
- Click the Projects header at the top of the console and select a project for your server.
- Click the Enrollment tab within your project's console.
- Click Add Cloud Account.
- Paste your Amazon Web Services account ID number in the Account ID field, and add a description if needed.
- Click Submit.
- Navigate to the Servers tab and confirm that your new server is listed.
Ensure that your new server is listed in your Project's Server tab within the Advanced Server Access console before trying to SSH into your team's servers.Top