Set up an identity connector in Amazon Web Services
Before you begin
The connector does not receive traffic from outside, but it may need to connect to ETP cloud instances for configuration and other data. Make sure the security group associated with the connector is set up with this policy:
- Outgoing traffic: Allow all.
- Incoming traffic: Deny all.
- Log in to your AWS console and click .
- Under Create Template, select Upload a template to Amazon S3.
- Click Choose File.
- Select the downloaded CloudFormation template.
- Provide a stack name, NAT instance type, VPC ID and subnet information and
  Note: For the NAT instance type, make sure you use a minimum of m4.large.
- Complete the configuration of tags, storage, and other features as needed. Because AWS does not use swap space for storage, use a minimum of 12 GB of RAM.
- Click CREATE. Once the stack creation is complete, the connector instance starts and automatically connects to ETP cloud.
In ETP, approve the identity connector:
- In the Enterprise Center navigation menu, select .
- Locate the AWS connector and click Need your approval.
- Click Save.
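
To confirm that the connector's security group matches the policy under Before you begin, the following added example (not part of the original procedure or the CloudFormation template) audits JSON in the shape returned by `aws ec2 describe-security-groups`. The group IDs and address ranges in the sample are constructed placeholders, and the function names are this example's own.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output;
# group IDs and CIDR ranges are placeholders, not values from a real account.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example0connector",
   "IpPermissions": [],
   "IpPermissionsEgress": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example0drifted",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}],
   "IpPermissionsEgress": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

def audit_group(group):
    """Return a list of findings; an empty list means the group matches the policy."""
    findings = []
    # Security groups have no explicit deny rule: "deny all incoming" means
    # the group carries no inbound rules at all, so every inbound rule is a finding.
    for rule in group.get("IpPermissions", []):
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        sources += [p.get("GroupId") for p in rule.get("UserIdGroupPairs", [])]
        sources += [p["PrefixListId"] for p in rule.get("PrefixListIds", [])]
        ports = "all" if rule["IpProtocol"] == "-1" else f'{rule.get("FromPort")}-{rule.get("ToPort")}'
        findings.append(f'inbound {rule["IpProtocol"]} ports {ports} from {sources}')
    # "Allow all outgoing" is a single rule: protocol -1 (all) to 0.0.0.0/0.
    allow_all = any(
        rule["IpProtocol"] == "-1"
        and any(r.get("CidrIp") == "0.0.0.0/0" for r in rule.get("IpRanges", []))
        for rule in group.get("IpPermissionsEgress", [])
    )
    if not allow_all:
        findings.append("outbound traffic is restricted (no allow-all egress rule)")
    return findings

def audit(doc):
    """Map each group ID in the document to its list of findings."""
    return {g["GroupId"]: audit_group(g) for g in doc["SecurityGroups"]}

if __name__ == "__main__":
    for group_id, findings in audit(SAMPLE).items():
        print(group_id, "OK" if not findings else findings)
```

Against a live account, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups --group-ids <connector-security-group-id>`.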