The Secure Agent installer can help you create a runtime environment on Amazon Web Services (AWS). The runtime environment you create is a Secure Agent group that contains one Secure Agent.
When you create a runtime environment on AWS, you create a new stack where the Secure Agent is deployed. You can create the stack in a new or existing virtual private cloud (VPC). The installer creates an Amazon Elastic Compute Cloud (EC2) instance within the VPC.
To create a runtime environment, you must have a subscription with AWS that includes create, modify, and delete privileges for the following resource types:
•AWS CloudFormation template. The AWS CloudFormation template supports the following regions: ap-southeast-2, eu-west-2, eu-central-1, us-west-2.
•EC2 instances
•Elastic IP addresses
•Elastic network interfaces
•Internet gateways
•Route tables
•Security groups
•Subnets
•VPCs
You must also have read and launch permissions for machine images and AWS CloudFormation templates.
1In Administrator, select Runtime Environments.
2On the Runtime Environments page, click Manage Cloud Secure Agents.
3Click New Cloud Secure Agent.
4Select Amazon Web Services.
5Click Next.
6On the Environment Configuration page, copy the install token.
The install token is valid for 24 hours and can't be reused.
7 Choose whether to create the runtime environment on an existing or new VPC.
8Click Continue Configuration in AWS.
The AWS Sign in screen opens in a new browser tab.
9Sign in to your AWS account.
The Quick create stack page opens.
10In the Stack name area, enter a stack name.
11In the Parameters area, under Network Configuration, configure the following properties based on whether you're using an existing VPC or a new VPC.
- For an existing VPC, configure the following properties:
Property
Value
VPC ID
Select the ID for the VPC where you want to deploy the Secure Agent.
Subnet ID
Enter or select a subnet within the VPC.
Allowed Remote Access CIDR
Enter the CIDR block that specifies the IP addresses where the Secure Agent can be installed.
CIDR (Classless Inter-Domain Routing) is a method for allocating IP addresses. It configures a network rule to allow remote access to the Secure Agent. The "/x" portion of the address determines how many IP addresses are available in the subnet, for example: 108.124.81.10/32
- For a new VPC, configure the following properties:
Property
Value
Availability Zones
Select the availability zone for your region.
VPC CIDR
Enter the CIDR block that specifies the IP addresses where you want to create the VPC.
Subnet CIDR
Enter the CIDR block that specifies the IP addresses for the subnet in the availability zone that you selected.
Allowed Remote Access CIDR
Enter the CIDR block that specifies the IP addresses where the Secure Agent can be installed.
12Under Amazon EC2 Configuration, configure the following properties:
Property
Value
Key Pair Name
Enter the name of an existing EC2 key pair to enable external access to the EC2 instance. Corresponding key pair files are required for SSH access to the server.
Instance Type
Select the instance type for the EC2 instance or accept the default.
Default is m5.xlarge.
Enable Elastic IP Addressing
Choose whether to assign elastic IP addresses to the EC2 instance or accept the default.
Default is no.
13Under Informatica Intelligent Data Management Cloud (IDMC) Account Details, configure the following properties:
Property
Value
IDMC POD Master URL
Accept the default value for the IDMC POD Master URL. This is the URL that you use to access Informatica Intelligent Cloud Services.
Warning: Changing this URL can result in stack deployment failure.
IDMC User Name
Enter your Informatica Intelligent Cloud Services user name.
IDMC User Token
Paste the install token that you copied.
If you forgot to copy the install token, you can switch back to Informatica Intelligent Cloud Services and generate a new one.
Secure Agent Group Name
Accept the default value for the Secure Agent group name. This is the name of the runtime environment that you're creating.
14Click Create stack.
It takes a few minutes to create the stack. Be sure to monitor the stack creation and address any issues that might occur. For more information about troubleshooting CloudFormation stacks, see the AWS documentation.
When the stack is created successfully, the EC2 Instance status changes from CREATE_IN_PROGRESS to CREATE_COMPLETE.
15In Informatica Intelligent Cloud Services, on the Environment Configuration page, click Finish.
IICS creates your runtime environment and displays it on the Runtime Environments page.
Tip: To see the progress of your pending Secure Agents, click Manage Cloud Secure Agents on the Runtime Environments page. The status appears at the top of the page.
It takes a few minutes for the Secure Agent services to start. When the Secure Agent is ready to use, the status changes from "Pending Environment Set Up" to "Up and Running." You might need to refresh the page to see the updated status.