Configuration > Cloud Services > IaaS > Deploy Cloud Hubs in AWS
The Cloud Hubs in AWS tab provides the AWS account details and EC-V deployment configuration details for all cloud EC-Vs that have been deployed.
Use this tab to:
Create and modify AWS accounts
Deploy EC-Vs in the AWS cloud
Remove an AWS cloud deployment
NOTE: Before you can deploy EC-Vs to the AWS cloud, you must perform several tasks in AWS. For more information, see AWS Account Configuration.
The following table describes each field on this tab.
|Name||Name given on the deployment configuration page.|
|VPC||CIDR block used for deployment.|
|Account||Name of the AWS account that was used to deploy the EC-Vs.|
|Instances||Number of EC-V instances in the deployment. To add one or more EC-Vs to the deployment, click +Add. In the New Instance on AWS dialog box, select the availability zone to use and any optional tags to apply to the new instance.
Max indicates that the maximum number of instances have been created for the VPC CIDR block.
|Status||Status of the deployment. If more information is available, an info icon is displayed.
NOTE: If the deployment was incomplete, the info dialog contains a link to download the log file and steps to resolve the issue.
|Terminate||To permanently delete a deployment, click Terminate. This action deletes all resources associated with the EC-Vs, including all EC2 resources.|
|Deployment Info||Click the info icon in this column to view deployment and instance details, including the IP addresses associated with the mgmt0, wan0, and lan0 interfaces.|
|Resources||Click the info icon in this column to view details about each AWS resource that Orchestrator created during the deployment. This information is helpful when, for example, you need to identify the IP address of a security group to add a user to.|
|Comment||Comments that were added to the deployment when the EC-V was created. To edit the comment, click the edit icon.|
To create or modify an AWS account to Orchestrator:
Click AWS Accounts.
The AWS Accounts dialog box opens.
Click New AWS Account or click the edit icon next to the account you want to edit.
The AWS Account Configuration dialog box opens.
Complete or modify the elements as necessary.
Click New Deployment to deploy one or more EC-V instances in AWS.
If a deployment does not complete or you no longer want the EC-V in the AWS cloud, you can remove the deployment and all associated artifacts.
To remove a deployment, locate the deployment you want to remove, and then click Terminate in the desired row.
The AWS Accounts dialog box lists all of the AWS accounts that have been added.
Click Add AWS Account to create a new account for EC-V deployments.
Click the edit icon next to an existing account to modify that account’s details.
NOTE: You cannot modify accounts that have active deployments.
Complete the following steps to create an AWS IAM user account with the required permissions for creating EC-V instances in AWS.
Log in to the AWS Dashboard.
On the Find Services search menu, enter
IAMto open the Identity and Access Management (IAM) page.
Under Access Management, click Policies. The Policies page opens.
Click Create policy and click the JSON tab.
Delete the existing text.
Go to this web page, click the link for your version of Orchestrator, and then copy and paste the JSON policy text into the editor.
Click Next: Tags.
(Optional) Add metadata to the policy by attaching tags as key-value pairs.
Click Next: Review.
On the Review policy page, enter a name and optional description for the new policy.
Review the policy summary to see the permissions granted by your policy, and then click Create policy to save your work.
Click Users > Add user. The Add user page opens.
Enter a user name in the User name field (for example, ArubaOrchestrator).
Under Access type, select Programmatic access, and clear the AWS Management Console access check box.
Click Next: Permissions.
Under Set Permissions, click Attach existing policies.
Select the Policy document you created from the list, and then click Next: Review.
Under Permissions summary, click Add permissions.
On the Users page, click the Security credentials tab.
Download or copy and paste the Access key ID and Secret key ID to a secure place for later use.
Review the instructions on this page to create a key pair on the AWS region where you plan to deploy the EC-V.
Complete the following fields for Orchestrator, and then click Save when finished.
|Name||Enter a unique name. If you have multiple AWS accounts, you must enter a unique name for each account.|
|Access Key||Enter the Orchestrator IAM user’s Access Key ID that you saved earlier.|
|Secret Key||Enter the Orchestrator IAM user’s Secret Key ID that you saved earlier.|
|Comment||Enter a comment that provides any additional information about the AWS account.|
Orchestrator validates the account information. This takes approximately 45 seconds.
Use the AWS Deployment Configuration page to create one or more EC-V instances in an AWS region.
NOTE: If you do not have an AWS account configured in Orchestrator, the AWS Deployment Configuration dialog box is blank. Click the Accounts link to create an AWS account.
|Name||Enter a name for the deployment. This name is used only for identifying the deployment. A deployment consists of one or more EC-Vs that an Orchestrator creates in an AWS Virtual Private Cloud (VPC). Only alphanumerical letters and hyphens are allowed in the deployment name. The maximum allowed length is 20 characters.|
|AWS Account||Select an AWS account to use for deploying the EC-V.|
|Region||Select an AWS region where you want to deploy the EC-V.|
|VPC CIDR||Enter a VPC Classless Inter-Domain Routing (CIDR) block. The smallest supported CIDR block is /24 and the largest supported CIDR block is /16. Orchestrator creates all AWS resources required for the EC-V deployment within this VPC. For each EC-V you deploy, Orchestrator creates three subnets that are /28 in size. In other words, if you deploy two EC-Vs, Orchestrator creates six subnets in total. This is true even if both EC-Vs are created in a single Availability Zone.|
|SSH Key||Select an existing AWS key pair to assign to the EC-V. A key pair must be created prior to the deployment.|
|Boost (Optional)||Boost requires additional resources on an AWS EC2 instance. After Boost and an appropriate WAN Bandwidth value are selected, Orchestrator displays the appropriate AWS instance types for the deployment on the Instance Type drop-down menu.
NOTE: Selecting the Boost check box does not enable Boost on the EC-V. It only allows Orchestrator to display appropriate AWS instance types that can support Boost for the selected WAN bandwidth. To enable Boost on the EC-V, go to the Deployment page and the Business Intent Overlay (BIO) page after the deployment is complete.
|WAN Bandwidth||The Bandwidth drop-down list displays the current EdgeConnect license tiers. After you select a WAN Bandwidth value, Orchestrator displays the appropriate AWS instance types for the deployment on the Instance Type drop-down menu.|
|Instance Type||Based on your selection of Boost and WAN Bandwidth values, Orchestrator displays the appropriate AWS instance types on this drop-down menu.|
|AWS Tags (Optional)||Any comma-separated tags entered here are applied to all AWS resources that Orchestrator creates while deploying the EC-V. If you do not enter any tags, Orchestrator automatically creates a unique tag for each AWS resource that it creates while deploying the EC-V. This AWS tag is created to identify each resource created by Orchestrator. The tag is formatted as follows: sp-automated-deployment name-instance-index-resource name.|
|Comment (Optional)||Enter an optional comment if you want to attach any additional details for the deployment.|
|Advanced Settings||Custom AMI ID: If you want to deploy the EC-V with a specific public or private image, provide the AMI ID. You can obtain the AMI ID from the AWS console.
Leave this field blank to allow Orchestrator to deploy the EC-V with the base AMI obtained from the AWS Marketplace.
|Horizontally Scale||You can deploy multiple EC-Vs by clicking + and selecting the Availability Zone for each EC-V. If the selected region supports multiple Availability Zones, each Availability Zone is shown on the drop-down menu. When deploying multiple EC-Vs, it is best practice to deploy each EC-V in a unique Availability Zone.|
|Appliance Tag (Optional)||Enter an Appliance Tag on this field if you want to assign a pre-configuration file to the deployment. If this field is left blank, Orchestrator will automatically assign an Appliance Tag for its own configuration purposes.|
When you have completed all of the required fields, click Review and Deploy. Review the configuration summary, and click Deploy to create the EC-V instances.