Bootstrap Access Gateway with Amazon Web Services

Okta Access Gateway Bootstrap with Amazon Web Services details how to deploy and configure Access Gateway for development use quickly and easily using an AWS environment.
Overall the goal is to help you perform the specific tasks required to get your Access Gateway application up and running as quickly as possible. See Manage Access Gateway deployment for all currently supported virtual environments and the underlying tasks required to deploy to each.


Access Gateway bootstrap with AWS is for anyone who needs to perform basic deployment and integration tasks with Access Gateway. Administrators following this guide will have an Access Gateway development environment, running on AWS, when complete.

No experience with Access Gateway is required, but you'll need a basic knowledge of networks and firewalls.
Specifically this guide covers these tasks:

  1. Deploy the gateway - How to deploy the Access Gateway virtual appliance into and Amazon Web Services virtual environment.
  2. Configure the gateway - Initialize the Access Gateway instance, including basic networking settings.
  3. Integrate the Access Gateway with Okta as IdP .
  4. Create SAML access application - configure an application to simplify Access Gateway login and access.


Task Description
Introduction to Access Gateway

During this task we will review Access Gateway to become more familiar with the product.

Download the latest Amazon Web Services image

All deployments start with downloading an environment specific instance of Access Gateway.
During this task you will download the AWS specific Access Gateway image.

Install and configure the Amazon Web Services command-line interface

Most AWS operations can be performed using the AWS console or the AWS command line.?
During this task we will install and configure AWS command line support.

Determine the Amazon Web Services storage region

AWS regions are required in a number of areas.
During this task we will determine the default region.

Create an Amazon Web Services S3 bucket

AWS deploy OVA process requires an S3 bucket to contain and process an OVA.
During this task we create the required bucket.

Upload an OVA to an AWS S3 bucket

During this task we upload the Access Gateway OVA to the newly created AWS bucket.

Create and associate AWS roles Importing VMs requires a set of well defined privileges.
During this task we create required roles and assign required privileges.
Import an OVA to AWS During this task we import an uploaded OVA into AWS as an VM.
Launch as AWS instance During this task we launch a previously imported VM.
Obtain AWS Elastic IP address

VMs require IP addresses.
During this task we use the AWS elastic ip address process to obtain a VM ip address

Amazon Web Services post-deployment tasks Once an an instance is up and running in AWS we must perform a number of follow on activities.
During these tasks we perform required post deployment configuration such as changing default passwords, initializing Access Gateway for a given domain, and specifying Okta as IDP.