Install the CylanceGATEWAY Connector to an AWS environment Skip Navigation

Install the
CylanceGATEWAY Connector
to an
AWS
environment

When you install the
CylanceGATEWAY Connector
, you upload the
CylanceGATEWAY Connector
VMDK image file to an
Amazon
S3 bucket in your private network. You use the
Amazon
EC2 Image Builder service to import the uploaded VMDK image file and create an
Amazon
Machine Image (AMI). The
CylanceGATEWAY Connector
instance is created from the imported AMI. The
CylanceGATEWAY Connector
instance is configured for DHCP. Configuring the instance to use a static IP is not supported.
  • Verify that your account has appropriate permissions to access an existing
    Amazon
    S3 bucket or to create a new S3 bucket. For instructions on how to create an S3 bucket, visit docs.aws.amazon.com to read “Creating a bucket.” 
  • Verify that your environment has an
    AWS
    Identity and Access Management (IAM) service role. For instructions on how to create an IAM service role, visit docs.aws.amazon.com to read “Required service role.” If you do not specify a name for the service role,
    AWS
    names it "vmimport."
Optionally, you can use the
AWS
Command Line Interface (CLI) to automate the import of the
CylanceGATEWAY Connector
AMI image file. For more information, visit docs.aws.amazon.com to read "Importing a VM as an image using VM Import/Export."
  1. Download the
    CylanceGATEWAY Connector
    VMDK file (cylance-gateway-connector-aws<
    version
    >.vmdk) from
    my
    Account
    .
  2. Sign in to the
    AWS
    management console at https://aws.amazon.com/console.
  3. Upload the cylance-gateway-connector-aws<
    version
    >.vmdk image file to an S3 bucket using the
    AWS
    console. For instructions, visit docs.aws.amazon.com to read “Upload objects." If necessary, create an S3 bucket.
  4. To import the AMI using the
    AWS
    console, complete the following steps:
    1. Open the
      EC2 Image Builder
      service.
    2. In the left column, click
      Images
      .
    3. Click the
      Import image
      button.
    4. On the
      Import image
      screen complete the following fields: 
      • Type a name and version for the
        CylanceGATEWAY Connector
        .
      • In the
        Base image operating system
        section, select
        Ubuntu
        and set the
        OS version
        to
        Ubuntu 20
        .
      • In the
        VM import configuration
        ,
        Disk container 1
        section, set the
        Source
        to
        S3 bucket
        . Browse to the S3 bucket where you uploaded the
        CylanceGATEWAY Connector
        VMDK image file in step 3.
      • Select the appropriate IAM service role that will be used during the import process. By default, the IAM service is named "vmimport."
    5. Click
      Import image
      . Note: This step can take up to 30 minutes to complete.
    6. Record the
      image ID
      of the imported image file. The image ID is used to launch the
      CylanceGATEWAY Connector
      instance. Perform the following actions:
      1. On the
        Images
        screen, click the version of the imported AMI.
      2. On the
        Image build versions
        screen, click the version.
      3. In the
        Output resources
        section, in the
        Image
        column, record the
        AMI image ID
        .
  5. Create the
    CylanceGATEWAY Connector
    instance from the imported AMI. Perform the following actions:
    1. Open the
      EC2
      service.
    2. In the left column, under
      Instances
      , click
      Instances
      .
    3. Click
      Launch instances
      .
    4. On the
      Launch an instance
      screen, type a name for the
      CylanceGATEWAY Connector
      instance.
    5. In the
      Application and OS images (Amazon Machine Image)
      section, click the
      My AMIs
      tab. Make sure that
      Owned by me
      is selected.
    6. In the
      Amazon Machine Image
      (AMI) drop-down list, paste the AMI ID that you recorded in step 4f. Click the AMI that is returned.
    7. Select an instance type according to your organization's requirements.
      The instance type must be an
      AWS
      Nitro System instance type. If you do not select a Nitro System instance type, you will not be able to use the EC2 serial console to connect to the
      CylanceGATEWAY Connector
      . For more information, visit docs.aws.amazon.com to read “Instances built on the Nitro System.”
    8. Select a key pair. The key pair is required by the
      AWS
      instance creation form; however, it is disregarded by the
      CylanceGATEWAY Connector
      .
    9. In the
      Network settings
      section, click
      Edit
      and specify the following settings:
      1. Click the
        VPC
        drop-down and select your private network.
      2. Optionally, click the
        Auto-assign public IP
        and select
        Enable
        . You must assign a public IP address to the
        CylanceGATEWAY Connector
        only if you do not have a way to access the connector's web interface using the private network that it is installed on.
      3. Select or create a security group according to your organization's requirements. The security group must have HTTP (port 80) and HTTPS (port 443) access to the
        CylanceGATEWAY Connector
        from the network that the enrollment is being completed from. 
    10. Click
      Launch instance
      .