Amazon cloud intance launch

Launching the M-Pin Core

Service with Amazon EC2

1 | P a g e

Launching the M-Pin Core Service with Amazon EC2

Introduction ........................................................................................................................................... 2

Amazon EC2 .................................................................................................................................... 2

Amazon EC2 Features ..................................................................................................................... 2

Creating An Instance of AWS ............................................................................................................... 3

Step 1. Choose An AMI .................................................................................................................... 3

Step 2. Choose An Instance .......................................................................................................... 4-8

Step 3. Configure Instance Details .................................................................................................. 9

Step 4. Add Storage ....................................................................................................................... 10

Step 5. Tag Spot request ............................................................................................................... 11

Step 6. Configure Security Group .................................................................................................. 12

Step 7. Review and Launch Instance ........................................................................................ 13-15

Launching the M-Pin Core instance ........................................................................................................ 17

Accessing your 30-day Free Trial Link ........................................................................................... 18

Configuring your M-Pin Core Instance ..................................................................................... 18-19

Configuring the Host and Port ...................................................................................................... 19

Viewing your M-Pin Core Service in your Browser ........................................................................ 20

Creating an Identity and a Pin, with your M-Pin Core Demo .......................................................... 20

Login in to Your M-Pin Core Service Strong Authentication ..................................................... 20-23

Appendix ......................................................................................................................................... 24-25

Useful Website Links ........................................................................................................................... 26

2 | P a g e

Launching the M-Pin Core Service Strong Authentication with Amazon

Elastic Compute Cloud (EC2). Introduction.

This guide is to setup, demonstrate and view your M-Pin Core Service Strong Authentication with Amazon Elastic

Compute Cloud (EC2).

It is design for setting up and launching, the M-Pin Core Service Strong Authentication Instance with the use of

Amazon EC2. Once you have launch the M-Pin Core Service Instance you will be able to run the M-Pin Core

Service trial Demo from your email link.

The guide is intended as an instruction process for launching the M-Pin Core Service Instance with flexibility to

your requirements’ needs.

You will have to firstly launch the M-Pin Core Service Instance with Amazon EC2, then the guide will lead you

unto setting up your M-Pin Core Service Strong Authentication.

Amazon EC2 This user guide is for Windows (API Version 2015-04-15)

What is Amazon EC2?

Amazon Elastic Compute Cloud (Amazon EC2) provides and handle a growing amount of computing capacity in

the Amazon Web Services (AWS) cloud. The need of investing in hardware up front is eradicated, by the use of

Amazon EC2. Amazon EC2 allows you to develop and deploy applications faster. Amazon EC2 gives you the

capability to launch virtual server(s) that allows you to configure security and networking, as well as manage

storage to as many servers as you would like.

With Amazon EC2 you can scale up or down so you are able to manage and handle changes in requirements or

a sharp rise in popularity. In return you would be able to reduce the need to keep tracks on your forecasted

traffic.

Amazon EC2 features: Virtual computing environments, also known as Instances.

Preconfigure templates for your instances, also known as Amazon Machine Images (AMI). This provides

you with your server, operating system and additional software.

Multiple configurations of CPU, memory, storage and networking capacity for your instances, known as

Instance Types.

Secure login for your instances using Key Pairs. These Key Pairs are: where the AWS stores the public

key and your store the private key in a secure place.

Storage Volumes for temporary data: which are deleted once an instance is Stopped or Terminated also

known as Instance Store Volumes.

Continuous storage volumes for your data: which can be done by the use of Amazon Elastic Block Store

(EBS), known as Amazon EBS Volumes.

Availability zones and regions allows you to access your resources from multiple physical locations

instances, and from Amazon EBS volumes.

Security groups enabled firewall this allows you to give your protocols, ports and sources, various IP

ranges which are accessible to you.

Elastic IP addresses, allows you to have the use of static IP addresses for your dynamic cloud computing.

Tags: allows you to create and assign Metadata to Amazon EC2 resources.

Virtual Private Clouds (VPCs): can be created in isolations, to the rest of the AWS Cloud and it can also

allow you to connect to your own network.

3 | P a g e

Once you have setup an account and login into AWS, you are now ready to create an Instance

in AWS.

Choose an Amazon Machine Image

(AMI).

Step 1. Select your chosen AMI.

Note: depending on your requirements, you

will choose an AMI based on : the storage

capacity, development tools compatibilities

and temporay or constant storage volumes.

4 | P a g e

Choose an Instance types.

Step 2.

Select your choice of instance from the

filter.

Click Next: Configure Instance details

Note: from the filter there are several Instance Types:

Micro instance – this instance produces a small amount of CPU

resources. You also have the choice to increase your CPU capacity in

time when there are available additional cycles. This instance is most

suited with low usage of the throughput applications and websites. It

is only available on Amazon EBS-backed instance.

CPU usages – ideal for two-levels: normal low background

and brief spiked levels which is higher than the background

level.

o Provides up to 2 EC2 compute units, where 1 unit

is 1.0-1.2GHz 2007 Opteron or 2007 Xeon

processor.

o It handles tens of requests per minute on your

application

o Design to run on 600MB of RAM.

GPU instances – useful for high parallel processing capability.

o NVIDIA GPUs, access with up to 1,536 CUDA cores and 4GB video memory.

o Used for scientific engineering with the use of Compute Unified Device Architecture (CUDA) or OPEN CL parallel

computing frameworks.

o Useful for graphic application e.g. game streaming, 3-D applications and other graphic workloads.

o Runs on HVM(Hardware virtual Machine)- based

instances

o Use PV (Para Virtual network and storage

drivers)

o Dedicated access to one or more discrete GPUs

o Can be clustered into Placement Group.

o Limitation

Must be launched on HVM AMI

NVIDIA drivers needs to be installed

for accessibility.

There are limitation on the number of

instances, you can run.

Storage Optimize

o Amazon EBS – durable block-level-storage

volumes that are attached to running instances.

o Can be used as a Primary storage device for

frequent and glandular data updates

o It has the behaviour of a raw unformatted

external block device.

o Volume is independent from the running

instances.

o Once attached to an instance it can be used like a

physical hard drive.

o Multiple volumes can be attached to an instance.

o Can be detached from one instance and can be

attached to another.

o Can be used alongside Amazon EBS encryption in

creating an encrypted volume.

o Can back up data by creating a Snapshot which can be used on Amazon S3.

o Amazon S3 – reliable and inexpensive data storage infrastructure.

o Web scale computing which allows you to store and retrieve any amount of data at any time.

o Root and storage volumes can be specified

o EBS volume can be attached to a running instance.

5 | P a g e

Step 3.

Choose the

Number of

Instance

required.

Tick the

Request

Spot

Instances if

you would

like to set

your

maximum

price limit.

6 | P a g e

Now Choose

whether you

would like all your

Spot Instances to

be launch together

or not at all.

Tick if you would

like your requests

to be sent to you,

each time your

Spot Instance is

terminated.

7 | P a g e

If you choose to

launch your

Spot Instance

you now have a

choice to select

your Start date.

Select Edit and

End date by

Selecting Edit.

You can Choose

from the drop

down list your

choice of

Amazon Private

Cloud, create a

VPC or Select

your own IP

addresses range.

8 | P a g e

You can isolate

your resources

by using a

range of

different IP

address, in

your VPC

Request a

public IP

address from

amazon pool

this allows

your instance

to be reached

from the

internet and

you can

associate and

disassociate

once your

Instance is

terminated

9 | P a g e

Select your

IAM role from

the drop down

list. This is

where you give

the instance

profile the

same name as

your IAM role.

So you don’t

need to store

your AWS

Access key with

your

application.

10 | P a g e

Step 4. Add Storage

Select from the

drop down list EBS

or S3 Amazon

Storage Volumes.

Click Next: Tag

Instances.

Note:

Amazon EBS – durable block-level-

storage volumes; that are attached to

running instances.

Can be used as a Primary

storage device for frequent

and glandular data

updates

It has the behaviour of a

raw unformatted external

block device.

Volume is independent

from the running instances.

Once attached to an

instance it can be used like

a physical hard drive.

Multiple volumes can be

attached to an instance.

Can be detached from one

instance and can be attached to another.

Can be used alongside Amazon EBS encryption in creating an encrypted volume.

Can back up data by creating a Snapshot which can be used on Amazon S3.

Amazon S3 – reliable and inexpensive data storage infrastructure.

Web scale computing which allows you to store and retrieve any amount of data at any time.

Root and storage volumes can be specified

EBS volume can be attached to a running instance

11 | P a g e

Step 5. Tag Spot Request

Click on Create Tag.

Select the Tag type

you would like.

Give the Key a name;

based on the

Unicode characters

Give it a Value based

on the Unicode

characters

Click Next: Configure

Security Group.

Note: Different types of tags:

Tag Basics- allows you to

categorise your AWS

resources in various ways.

o By purpose

o By owner

o By environment

Each Tag consist of a Key

You have the option to add a

value

You have to define the Key

and the option value

A set of Tag Keys can be devise by meeting the needs of each resource type.

Consistent set of Tag key makes it easier to manage your resources.

Filtering or searching for resources can be done on added Tags.

Tags can be used on AWS management console, Amazon EC2 CLI and Amazon EC2 API.

Lists of Tags can be added to an Instance.

Current Tags are overwritten with new values.

Tag Keys can be edited and removed from a resource at any time.

Tag values can be set to an empty string, it should not be null.

Tag Restriction-

Up to 10 Tags per resources

Up to 127 Unicode Characters in UTF-8

Up to 255 Unicode characters in UTF-8

Values are case-sensitive

Do not use aws as a prefix, in your Tag names or values

You can only use letters, spaces and numbers represented in the UTF-8, in addition you can use characters: +-=. :/@: are only

allowed for Tag names and values.

Public or shared resources can be tagged.

All assigned tags are only available to your AWS account

Not all resources can be tagged

Some resources can only be tagged, by using API action or CLI.

Billing

Tag can be used to organise your AWS Bill to reflect your last structure.

Identical tag key values and resources can be billed together.

Only your current month’s reporting is available to be viewed within 24 hours.

Tag and console

You can view all tags in the Amazon EC2 console within a region

Tags can be viewed by resource type.

Associated resources’ items can be viewed based on a specific tag

You can apply and remove Tag by using Amazon EC2 console.

12 | P a g e

Step 6. Configure Security Group

Security groups acts as a firewall for

controlling traffic for one or more

instances.

i. From the radio button

Click Assign a security

group.

ii. Give your security group a

name.

iii. Give it a description.

iv. From the radio button,

Select an Existing security

group for default.

v. Click on the button on the

left-hand side.

A second table will appear, at the

bottom of your screen.

vi. Click Review and Launch.

Note: security groups and names can be up to 255 characters in length. Only ASCII characters are allowed.

AWS will assign each security group a unique ID in the form of sg-xxxxxxxx.

Initial settings for creating security groups are:

-allow no inbound traffic

-allow all outbound traffic

One or more security group are assigned to an instance.

Rules are added to the security group, allowing traffic flow with an associated instance.

Modification to the rules can be done at any time.

New rules are automatically applied to all instances which are associated with a security group.

Security group must be specified in the same region as an instance.

Once an instance for EC2-Classic is launch you cannot change the security groups.

Rules can be added or removed from a security group.

One instance can be associated with up to 500 security groups.

Up to 100 rules can be added to a security group.

Security group rules

Inbound and outbound traffic to an instance is controlled by the security group rules.

By default security groups allows all outbound traffic.

Adding and removing rules can be done at any time.

Changes to an instances automatically applied after a short period.

Editing, deleting and adding rules in a security group can be done.

Copying of an existing rule to a new security group are allowed.

Outbound rules cannot be changed

Permission rights are always required on a security group’s rules.

Rules that denys access cannot be created

13 | P a g e

Step 7. Review Instance and

Launch.

In launching your Instance this

would assign a Key to your

Instance and completes the

process.

Click Launch

From the drop down list you can

Select Create a new key

pair

14 | P a g e

Give the Key Pair a

name

Click on Download

the Key Pair.

Note: once you click on download you

can Save and Store the file in a secure

accessible location.

Click launch

Instances.

You have now launch your

instance.

Click View Instance.

15 | P a g e

16 | P a g e

17 | P a g e

After your instance has been launched you are now in the position to launch the M-Pin Core Instance.

From your email

Click on the link to Get your 30

day free trial of M-Pin

Now Click on Continue

[

G

r

a

b

y

o

u

r

r

e

a

d

e

r’

s

a

t

t

e

n

ti

o

n

w

it

h

a

g

r

e

a

t

q

u

o

t

e

f

r

o

m

t

18 | P a g e

Select your Subscription Term

Choose an Application Instance Type.

Note: this application Instance Type depends on the Size of your

network ranging from micro to various large requirements.

Click on Launch with 1-Click

From the AWS Console Management page, you

will see the M-Pin Core Service Instance.

Select the M-Pin Core service Instance.

19 | P a g e

You now need to change the Host type to HTTP

and initial it to Port 80.

Click on Security Groups on the left hand

side

Click on Edit

Change the Type to HTTP

The Port Range should automatically be

80

Save the changes

20 | P a g e

Now open a new browser.

Type in: http:// (Host)

Note: your host is your Public Domain Server or Public IP address

You will now see this page appear.

Click Sign in from here

21 | P a g e

You can Add an identity by

Typing in your email address

Click Setup M-Pin

Note: your email address is required as a verification procedure for

your pin.

Now Enter a 4 digit pin.

Click Setup M-Pin

[Gr

ab

you

r

rea

der’

s

atte

ntio

n

wit

h a

gre

at

quo

te

fro

m

the

doc

um

ent

or

use

this

[G

ra

b

yo

ur

re

ad

er

’s

at

te

nt

io

n

wi

th

a

gr

ea

t

qu

ot

e

fr

o

m

th

e

do

cu

m

en

t

or

us

e

th

is

sp

ac

e

to

22 | P a g e

You have now Setup your M-Pin Core Cloud

Encryption system.

You can now Login to check your Login process

Type your Pin in

Click Login

e[Gr

ab

your

read

er’s

atten

tion

with

a

great

quot

e

from

the

docu

ment

or

use

this

spac

e to

emp

hasiz

e a

key

point

. To

place

this

text

box

anyw

here

on

the

page

, just

drag

it.]

[Gr

ab

you

r

rea

der

’s

att

ent

ion

wit

h a

gre

at

quo

te

fro

m

the

doc

23 | P a g e

This is now your Strong Authentication Protection

[email protected]

[Grab your

reader’s

attention

with a

great

quote from

the

document

or use this

space to

emphasize

a key

point. To

place this

text box

anywhere

on the

page, just

drag it.]

24 | P a g e

Appendix:

Resource Tagging support Tagging restrictions

AMI Yes None

Bundle task No

Customer gateway Yes None

DHCP option Yes None

EBS volume Yes None

Instance store volume No

Elastic IP No

Instance Yes None

Internet gateway Yes None

Key pair No

Network ACL Yes None

Network interface Yes None

Placement group No

Reserved Instance Yes None

Reserved Instance Listing No

Route table Yes None

Spot instance request Yes None

Security group - EC2 Classic Yes None

Security group - VPC Yes None

Snapshot Yes None

Subnet Yes None

Virtual private gateway Yes None

VPC Yes None

25 | P a g e

Resource Tagging support Tagging restrictions

VPC endpoint No

VPC flow log No

VPC peering connection Yes None

VPN connection Yes None

Inbound

Source Protocol Port

Range

Comments

The ID of the security

group

ICMP All Allow inbound ICMP access from other instances associated with this

security group

The ID of the security

group

TCP 0 - 65535 Allow inbound TCP access from other instances associated with this

security group

The ID of the security

group

UDP 0 - 65535 Allow inbound UDP access from other instances associated with this

security group

26 | P a g e

Useful Website Links:

http://amazon.com/marketplace

http://aws.amazon.com/resources/

https://console.aws.amazon.com/billing/home

http://(host)