9.2.2 Creating and Deploying Instances

This section outlines steps to create and deploy instances for a basic setup of Access Manager. A basic setup includes an Administration Console, an Identity Server, an Access Gateway, and a user store.

Perform the following steps to create four instances: one for Administration Console, one for Identity Server, one for Access Gateway, and one for the Active Directory user store.

  1. Click Services > EC2.

  2. Click Launch Instance.

  3. Select the SLES 12 SP5 or RHEL 8.3 image if you are creating this instance for an Access Manager component (Administration Console, Identity Server, or Access Gateway).

    When creating an instance for the Active Directory user store, select a Windows 2012 R2 image instead of SLES or RHEL.

    All instances that you create for deploying Access Manager components (Administration Console, Identity Server, or Access Gateway) must have the same operating system type (SLES or RHEL).

  4. Select the instance type that meets the requirements of the base operating system and of the Access Manager components you are deploying. See NetIQ Access Manager System Requirements.

    Each type has its own instance configuration settings, optimizations, and associated costs.

  5. Click Next: Configure Instance Details.

    Ensure that the instance is using the correct VPC and subnet.

    Field                    Action
    Auto-assign Public IP    Set to Enable.
    Network Interfaces       Specify a static IP address in Primary IP.

  6. Click Next: Add Storage.

    The default storage size is 10 GB. Change it to suit your requirements.

  7. Click Next: Add Tags.

    Add tags as desired. Tags enable you to organize instances. For example, you can add the following two tags to each instance:

    • A tag indicating what the instance is being used for

    • A tag indicating who is the owner of this machine

  8. Click Next: Configure Security Group.

    Security groups are virtual firewall rules for groups of instances. It is recommended to create a separate security group for each group of instances with the same firewall requirements.

    For example, you can configure a security group for all nodes of Administration Console, one security group for all nodes of Identity Server, and one security group for all nodes of Access Gateway. By default, a new security group only allows incoming traffic on port 22, so that you can only connect to the instance by using SSH.

    For more information, see Amazon EC2 Security Groups for Linux Instances.

  9. Create a new security group; specify a name and description for it.

    Add additional port rules before installing the Access Manager components. For information about required ports, see Table 1-7, Table 1-8, and Table 1-9.

  10. Click Review and Launch.

  11. After reviewing the details, click Launch.

  12. Select an existing key pair or create a new one.

    This key pair is used for SSH access to the instance. You can use the same key pair with multiple machines.

  13. Click Download Key Pair.

    IMPORTANT: You can connect to and manage your instances only using the private key. Therefore, do not lose the private key after downloading it.

  14. Repeat Step 1 to Step 13 to create the other instances.

  15. Continue with Installing Access Manager.