📄️ AWS IAM policies
A policy in AWS IAM declares a set of permissions on a specific AWS resource. After creating a policy, you need to attach it to an IAM role or user. As such, the IAM role or user is assigned the permissions declared in the policy to access the specified AWS resource.
📄️ Create a cross-account IAM role
You need to create a cross-account IAM role, which will be referenced in a deployment credential, either from the Cloud settings page in the CelerData Cloud BYOC console before you create a deployment or as part of the workflow of creating a deployment.
📄️ Create a security group
You need to create a security group, which will be referenced in a network configuration, either from the Cloud Settings page in the CelerData Cloud BYOC console before you create a deployment or as part of the workflow of creating a deployment.
📄️ Create a service IAM role for EC2
You need to create a service IAM role for EC2, which will be referenced in a data credential, either from the Cloud settings page in the CelerData Cloud BYOC console before you create a deployment or as part of the workflow of creating a deployment.
📄️ Create a VPC and related resources
You can attach an existing VPC to your deployment or create a new one, either from the Cloud Settings page in the CelerData Cloud BYOC console before you create a deployment or as part of the workflow of creating a deployment.
📄️ Create a VPC endpoint for connection
You can optionally create your own service powered by AWS PrivateLink, known as an endpoint service, to enable direct, secure connectivity between CelerData's VPC and your own VPC.
📄️ Create a VPC endpoint for S3
Generally, when you create a VPC following the instructions provided in Create a VPC and related resources, the S3 Gateway is automatically enabled to allow the VPC to access S3 directly and securely. But when you use an existing VPC or create a new VPC without the endpoint enabled, you need to create a VPC endpoint for S3 if you want to specify a private subnet in the Network configuration during cluster deployment.
📄️ Connect to an EC2 instance using SSH
You can connect via SSH to the Amazon EC2 instance that hosts your CelerData cluster.
📄️ View associated AWS Cloud resources
CelerData launches AWS Cloud resources, namely, EC2 instances and placement groups, that you must pay for, during deployment.