Click on the desired cloud provider and follow the installation and configuration instructions:
Follow the steps below to install and configure an agent within your Amazon Web Services (AWS) environment.
|AWS Region||AWS Region (short name)|
|US East (N. Virginia)||us-east-1|
|US East (Ohio)||us-east-2|
|US West (N. California)||us-west-1|
|US West (Oregon)||us-west-2|
|Asia Pacific (Mumbai)||ap-south-1|
|Asia Pacific (Osaka)||ap-northeast-3|
|Asia Pacific (Seoul)||ap-northeast-2|
|Asia Pacific (Singapore)||ap-southeast-1|
|Asia Pacific (Sydney)||ap-southeast-2|
|Asia Pacific (Tokyo)||ap-northeast-1|
|South America (São Paulo)||sa-east-1|
An instance with at least 3 vCPUs and 4 GiB of memory is recommended for optimal performance.
For testing, the t2.micro (free tier) instance type is sufficient.
Next: Configure Instance Details
For the agent to properly connect to the Control Plane servers, it requires outbound Internet access.
Verify that the
Auto-assign Public IP option is set to
If your requirements do not allow the instance to have a public IP, please review the section
How do instances without public IP addresses access the Internet in this AWS FAQ.
User datapaste or upload a file containing the JSON payload generated in step one
Next: Add Storageand review settings
Next: Add Tagsand optionally add any tags
Next: Configure Security Group
SSH is not required. Control Plane will never need to connect directly to the agent.
Review and Launchand verify the details are correct
Launch. The console will prompt you to select or create a key-pair.
If you do not have an AWS key-pair created, the console will help you to create one.
Since the agent instance will never need to be connected to, you may proceed without a key-pair.
After a few moments, the instance will launch and ready to process requests.
Follow the steps below to install and configure an agent within your Microsoft Azure environment.
copyControl Plane Secure Communications Agent
Createdropdown, choose the agent that shows
Create a virtual machinewizard:
Control-Plane-Agent-01. If installing multiple agents, increment the number.
No infrastructure redundancy required. Use a different option for your environment if you are running in production.
SSH public key
None. The agent does not need any inbound ports open.
(Default) Encryption at-rest with a platfor-managed key
Enable with managed storage account
Next: Review + create
Download private key and create resource.
The agent virtual machine will begin the deployment process. After a few moments, the agent will be running, connecting to the Control Plane servers, and ready to process requests.
Follow the steps below to install and configure an agent within your Google Cloud Platform (GCP) environment.
copygcloud compute instances create INSTANCE_NAME --image controlplane-agent-546-282446475-1442e61 --image-project cpln-build --metadata-from-file=user-data=PATH/AGENT_NAME-bootstrapConfig.json
For optimal performance:
By default, the GCP firewall rules open the common SSH, RDP, and ICMP ports to the world and allows all internal ports within the VPC. The agent does not need any of these ports open.
At a minimum, the agent needs to be able to connect to your GCP resources and the Internet.
Follow the steps below to install and configure an agent within your private network.
copycpln agent up --bootstrap-file=PATH/AGENT_NAME-bootstrapConfig.json
If you are using Windows, follow these instructions:
cplncommand above using a Windows command prompt and not usingWSL
When running an agent locally, it is running within a local Docker container. When configuring an identity network resource, you must use the IP of the network adapter that Docker installed on the local machine.