Find out the optimal way to set up Hyperglance, when deploying via the AWS Marketplace
In this article, you'll learn:
Hyperglance needs access to the AWS API in order to collect data. By default, the AWS endpoints are public IPs. There are various methods of securing access to Hyperglance, you will be led by your security posture as to which one to use.
The order in terms of each option's complexity is as follows:
1. The Hyperglance instance has a Public IP, inbound access is limited using a security group.
2. The Hyperglance instance has a Public IP, inbound and outbound access is limited using a security group and a Network Access List (NACL).
3. The Hyperglance instance is placed behind a NAT Gateway or Load balancer.
4. The Hyperglance instance runs in a private subnet and has multiple Virtual Private Cloud Endpoints configured for access to the AWS API via private IPs.
You can find more information about these 4 AWS deployment options here
2. Choose the appropriate number of resources and then 'Continue to Subscribe'
3. Accept the terms
4. This will take us to a page describing the next steps, read and return to the launch page
5. Select 'Continue to Configuration'
6. It will take a few minutes before the subscription is ready. Once the subscription is live, choose the region you want the Hyperglance instance to be created in.
7. Select 'Continue to Launch'
8. Select ‘Launch CloudFormation’
9. Once you have selected 'Launch CloudFormation', select to 'Launch'
10. You'll be taken to CloudFormation in your AWS console. There is nothing to change here as the S3 template is already selected. Select 'Next'.
11. In the 'Specify stack details' page you have the option to name the CloudFormation stack, and decide on things like assigning a public IP.
Hyperglance needs access to the AWS API in order to pull down the information needed.
Be careful when choosing the VPC & Subnet you want Hyperglance to be deployed in. It's possible to mismatch the VPC & Subnet causing the stack creation to fail.
12. Once that’s set, select 'Next'
13. You’ll then get the option to tag tags. In the example below, we have added 'Hyperglance' as a 'Name' tag.
14. Scroll down to the bottom of the page, select 'Stack creation options' and select 'Disabled' for 'Rollback on Failure'. This will allow you to see which steps fail if the stack has issues.
After you've done that, select 'Next'.
15. On the review screen, scroll down to the bottom to accept the disclaimer and select 'Create stack. This enables CloudFormation to start creating the Hyperglance instance.
16. You’ll be taken to the CloudFormation stack console page. It'll take up to 10 minutes to finish the instance creation.
17. Once the stack has been created successfully, go to the 'Outputs' tab. This'll show you how you can connect to the Hyperglance Instance.
18. By default, Hyperglance’s password is the instance name, so copy that and then click on the link to go to Hyperglance.
Be careful when copying and pasting the instance name. Sometimes there is an extra space at the start/end of the string that will prevent you from authenticating successfully.
19. Proceed to the Hyperglance console page (acknowledging the browser warning)
20. You can now see, and log in to, the Hyperglance console. The default userid is ‘admin’ and the password is the Hyperglance instance-id.
Make sure you use HTTPS (port 443) to connect to Hyperglance
21. After logging in the first time, you'll be asked to select the regions that you'd like Hyperglance to monitor. By default, Hyperglance will pull in the inventory from the account you’ve used to create the instance.
To pull in the data from the account Hyperglance is running in, you don't need to add an ARN. Just add an Alias, select the regions you want to collect, then select 'Submit'.
22. If you want to add other accounts, then Hyperglance can use STS Assume-Role to access other AWS accounts if you provide a suitable Role ARN for Hyperglance to use. You can add as many accounts as you need via this administration page.
23. Leave 'Is Billing Only' option unchecked, so that Hyperglance will pull down inventory (as well as billing data, if available).
24. Hyperglance will automatically update to the latest version, assuming you are connected to the internet. If you weren't connected during your setup, make sure you use these instructions to update Hyperglance to the latest version. All user data is retained through an update, including authentication credentials, rules, and tag-view keys.