The easiest way to set up Deepfactor Portal in your AWS cloud is to use our CFT which creates the following resources:
1. One EC2 instance - m5a.2xlarge (recommended) 2. Two EBS storage devices totalling 520GB. 3. An Elastic IP (EIP) address.
To install using CFT, you will need the following:
1. IAM user with the following policies attached:
[ "cloudformation:CreateUploadBucket", "ec2:AuthorizeSecurityGroupIngress", "ec2:DescribeInstances", "ec2:DescribeAddresses", "s3:CreateBucket", "s3:ListBucket", "cloudformation:DescribeStackEvents", "ec2:DescribeNetworkInterfaces", "ec2:DescribeAvailabilityZones", "ec2:CreateSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeKeyPairs", "ec2:AuthorizeSecurityGroupEgress", "cloudformation:ListStacks", "cloudformation:DescribeStackResources", "ec2:RunInstances", "ec2:DescribeSecurityGroups", "ec2:AllocateAddress", "cloudformation:GetTemplateSummary", "cloudformation:DescribeStacks", "s3:PutObject", "s3:GetObject", "ec2:GetConsole*", "cloudformation:CreateStack", "ec2:DescribeVpcs", "cloudformation:GetTemplate", "ec2:DescribeSubnets", "ec2:AssociateAddress", "cloudformation:ValidateTemplate" ]
As a general security guideline, we recommend creating and using an IAM user with the least privileges to install the Deepfactor Portal on your premise. We highly discourage the usage of root users for deploying or managing the Deepfactor Portal.
2. If you intend to use a hostname for the portal different from the one generated by AWS, you will additionally need permissions to create an ‘A’ record in your DNS server which points the portal hostname to the Elastic IP created by the CloudFormation stack.