Installing Cloud Discovery & Visibility on AWS EC2 instances - Adaptive Applications - BlueCat Gateway - 22.1.1

Cloud Discovery & Visibility Administration Guide


Starting in Cloud Discovery & Visibility v22.1.1, you can deploy Cloud Discovery & Visibility on AWS EC2 Instances. When you configure Cloud Discovery & Visibility on an AWS EC2 Instance, you can use the credentials of the AWS EC2 Instance to authenticate with your AWS environment instead of manually entering the AWS Key ID and AWS Secret Access Key values.

BlueCat supports the following two deployment scenarios:
  • Deploying on an AWS EC2 Instance where the discovery and visibility resources, and EC2 Instance host are on the same AWS account.
  • Deploying on an AWS EC2 Instance where the discovery and visibility resources are on a different AWS account from the EC2 Instance host.
To install Cloud Discovery & Visibility on an AWS EC2 instance within the same AWS account as the discovery and visibility resources:
  1. Log in to the AWS Management Console.
  2. Create an IAM role by performing the following:
    1. In the navigation pane, click Roles > Create role.
    2. Under Trusted entity type, select AWS service.
    3. Under Use case, select EC2 and click Next.
    4. Under Add permissions, select the required permissions to run AWS discovery and visibility and click Next.

      For more information on the required permissions, refer to AWS environments.

    5. Under Name, review, and create, enter the name of the IAM role and click Create.
  3. Create an AWS EC2 Instance running Ubuntu 22.04. For more information on creating AWS EC2 instances, refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html.
  4. Attach the newly created IAM role to the AWS EC2 Instance. For more information, refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html.
  5. From the Instances page, click the name of the newly created AWS EC2 Instance. The Instance summary page appears.
  6. Click Connect.
  7. From the Connect to instance page, select the SSH client tab.
  8. Follow the guide to connect to the AWS EC2 Instance using SSH.
  9. Once you have successfully connected to the EC2 Instance using SSH, install Docker using the following commands:
    sudo apt update
    sudo apt install docker.io
  10. When prompted to confirm the installation, press Y and then press ENTER.

Once you have successfully installed Docker on the EC2 Instance, you can install the Cloud Discovery & Visibility image using the Docker commands outlined in Installing the Cloud Discovery & Visibility image.

To install Cloud Discovery & Visibility on an AWS EC2 instance with a different account from the discovery and visibility resources:
  1. Log in to the AWS Management Console.
  2. Create an IAM role for the account with the resources by performing the following:
    1. In the navigation pane, click Roles > Create role.
    2. Under Trusted entity type, select AWS account.
    3. Under An AWS account, select Another AWS account.
    4. Within the Account ID field, enter the AWS account ID of the EC2 Instance host and click Next.
    5. Under Add permissions, select the required permissions to run AWS discovery and visibility and click Next.

      For more information on the required permissions, refer to AWS environments.

    6. Under Name, review, and create, enter the resource role name of the IAM role and click Create.
  3. Create an IAM role for the account with the EC2 Instance host by performing the following:
    1. In the navigation pane, click Roles > Create role.
    2. Under Trusted entity type, select AWS service.
    3. Under Use case, select EC2 and click Next.
    4. Under Add permissions, create an AssumeRole policy with the following JSON content:
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "sts:AssumeRole",
                  "Resource": "arn:aws:iam::<ResourceAccountId>:role/<ResourceRoleName>"
              }
          ]
      }
    5. Click Next: Tags.
    6. Click Next: Review.
    7. Enter the name of the AssumeRole policy and click Create policy.
    8. Within the Add permissions page, select the newly created AssumeRole policy and click Next.
    9. Under Name, review, and create, enter the host role name of the IAM role and click Create.
  4. Create an AWS EC2 Instance running Ubuntu 22.04. For more information on creating AWS EC2 instances, refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html.
  5. Attach the newly created EC2 Instance host IAM role to the AWS EC2 Instance. For more information, refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html.
  6. From the Instances page, click the name of the newly created AWS EC2 Instance. The Instance summary page appears.
  7. Click Connect.
  8. From the Connect to instance page, select the SSH client tab.
  9. Follow the guide to connect to the AWS EC2 Instance using SSH.
  10. Once you have successfully connected to the EC2 Instance using SSH, install Docker using the following commands:
    sudo apt update
    sudo apt install docker.io
  11. When prompted to confirm the installation, press Y and then press ENTER.

Once you have successfully installed Docker on the EC2 Instance, you can install the Cloud Discovery & Visibility image using the Docker commands outlined in Installing the Cloud Discovery & Visibility image.
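
The following Python check is an added example, not part of BlueCat's documentation. It lints the two policy documents from the cross-account procedure above: it flags unreplaced <ResourceAccountId>/<ResourceRoleName> placeholders or wildcards in the host role's AssumeRole policy, and reports when the resource role's trust policy trusts the whole host account (the result of entering only an account ID) rather than the host role itself. The account IDs and role names are constructed sample values.

```python
import re
from fnmatch import fnmatchcase
# Constructed sample values: AWS documentation account IDs, hypothetical role names.
HOST_ACCT, RES_ACCT = "111122223333", "444455556666"
HOST_ROLE, RES_ROLE = "cdv-host-role", "cdv-resource-role"
ROLE_ARN = re.compile(r"^arn:aws:iam::\d{12}:role/[\w+=,.@/-]+$")  # one literal role

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _allows_assume(stmt):
    # IAM action names are case-insensitive and may contain wildcards (sts:*).
    actions = _as_list(stmt.get("Action", []))
    return stmt.get("Effect") == "Allow" and any(
        fnmatchcase("sts:assumerole", a.lower()) for a in actions)

def check_host_policy(policy, res_acct=RES_ACCT, res_role=RES_ROLE):
    """Findings for the AssumeRole policy attached to the EC2 host role."""
    expected = f"arn:aws:iam::{res_acct}:role/{res_role}"
    findings = []
    for stmt in filter(_allows_assume, _as_list(policy["Statement"])):
        for arn in _as_list(stmt.get("Resource", [])):
            if "<" in arn:
                findings.append(f"placeholder not replaced: {arn}")
            elif not ROLE_ARN.match(arn):
                findings.append(f"wildcard or malformed role ARN: {arn}")
            elif arn != expected:
                findings.append(f"unexpected target role: {arn}")
    return findings

def check_trust_policy(trust, host_acct=HOST_ACCT, host_role=HOST_ROLE):
    """Findings for the trust policy on the role in the resource account."""
    role_arn = f"arn:aws:iam::{host_acct}:role/{host_role}"
    account_wide = {host_acct, f"arn:aws:iam::{host_acct}:root"}
    findings, seen = [], 0
    for stmt in filter(_allows_assume, _as_list(trust["Statement"])):
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for p in aws:
            seen += 1
            if p in account_wide:
                findings.append(f"trusts all of account {host_acct}; consider {role_arn}")
            elif p != role_arn:
                findings.append(f"unexpected trusted principal: {p}")
    return findings if seen else ["no AWS principal can assume this role"]

if __name__ == "__main__":  # the page's policy with its placeholders left in
    unfilled = "arn:aws:iam::<ResourceAccountId>:role/<ResourceRoleName>"
    print(check_host_policy({"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole", "Resource": unfilled}]}))
```

Export each policy document as JSON, load it with json.load, and pass the resulting dictionary to the matching function; an empty list means no findings.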