Fantasy Grounds - Port Forwarding - Transparent Op
Step 4 : Your AWS environment


Last updated 5 years ago

Welcome to Ze cloud

If you have not already done so, now is the time to follow that account creation process info, and especially to take a few minutes to watch the small video linked there, including the part about creating your first IAM user (IAM = Identity & Access Management). I also included this appendix ...

Create your first IAM user as an administrator ASAP as it will enable you to avoid using your "root account".

PLEASE ! Create an administrative IAM user for yourself in your new AWS account and after that, avoid using your "AWS root account" to manage your environment.

That's an "AWS best practice" for a reason...
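One way to check that the root account really is out of daily use, as an added example that is not part of the original guide: it reads the CSV layout of the IAM credential report (downloadable from the IAM console) and flags root access keys, missing root MFA, and recent root console logins. The sample rows, the account ID, the `gm-admin` user name and the 30-day threshold are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample rows (subset of the credential report columns; placeholder account ID).
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,not_supported,2024-05-01T09:12:00+00:00,false,true,false
gm-admin,arn:aws:iam::111122223333:user/gm-admin,true,2024-05-20T18:30:00+00:00,true,false,false
"""
SAMPLE_NOW = datetime(2024, 5, 21, tzinfo=timezone.utc)  # fixed clock for the sample


def audit_root(report_csv, now, max_idle_days=30):
    """Return findings about the root account row of a credential report."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] != "<root_account>":
            continue
        if row["mfa_active"] != "true":
            findings.append("root has no MFA device")
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] == "true":
                findings.append(f"root access key {n} is active")
        last = row["password_last_used"]
        if last not in ("N/A", "no_information"):
            idle = (now - datetime.fromisoformat(last)).days
            if idle < max_idle_days:
                findings.append(f"root console login {idle} days ago")
    return findings


def iam_users_without_mfa(report_csv):
    """IAM users (not root) that can log in to the console without MFA."""
    return [
        row["user"]
        for row in csv.DictReader(io.StringIO(report_csv))
        if row["user"] != "<root_account>"
        and row["password_enabled"] == "true"
        and row["mfa_active"] != "true"
    ]


if __name__ == "__main__":
    for finding in audit_root(SAMPLE_REPORT, SAMPLE_NOW):
        print("FINDING:", finding)
    print("console users without MFA:", iam_users_without_mfa(SAMPLE_REPORT))
```

An empty findings list is the state to aim for before building the rest of the environment: root protected by MFA, no root access keys, and day-to-day logins coming from the IAM admin user.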

There are hundreds of videos and articles all over the Internet about that "create aws account" topic, so feel free to watch and compare... just be sure to select recent enough ones ( < 1 year old is usually ok).

I'll now wait for you to come back with your shiny admin login to this brand new AWS account....

...

...

...

Ah ! There you are ! And you're an Admin ! And you're at the AWS Management Console ! Great ! (also, but © Zacchaeus : Jolly Good !)

This is the "home" of your AWS management console : you can manage your account with the menu titled with your "IAM username" @ "account name", choose an "AWS Region" with the menu to the right of it, and access the service management consoles for all AWS services.

Each AWS service has its own "console" and you can have multiple "service consoles" open in different tabs of your web browser, which is convenient, especially if you have to copy/paste or cross-check information from one to the other.

Many AWS services operate at the "AWS Region" level and you can choose very different settings from region to region; some services like IAM or Billing are "global" and have no region selector.

We're going to prepare once and for all your "personal virtual infrastructure" inside the AWS cloud, using several AWS services, mainly :

  • IAM = Identity & Access Management : this service is used by all others to manage permissions

  • EC2 = Elastic Cloud Computing : your virtual servers

  • S3 = Simple Storage Service : your virtual file storage

We'll also indirectly use this service, which you won't need to check because the defaults are ok for us.

  • VPC = Virtual Private Cloud : your own networks, which together form a "private cloud" in the AWS cloud

This "personal infrastructure" will be extremely simple but we'll take precautions to avoid introducing any "security hole"...

What we'll do in this section :

  1. create an AWS "IAM Role" for your server to access AWS services during startup

  2. choose an "AWS Region" to build our mini-infrastructure

  3. create an AWS "S3 bucket" for your server to auto-configure during startup

  4. have a quick look at your AWS "Default VPC"

  5. create an AWS "Key pair" (similar to our [certificate+key] pairs in our own PKI), for you to access your server interactively if you need

  6. create an AWS "Security Group" for your server (a kind of firewall rule)

  7. "fill the bucket" : organize and transfer our security and configuration files into the S3 bucket

  8. create an AWS EC2 "Launch Template" : a set of option choices defining a kind of "server model" that you'll use later on to repeatedly launch the server itself in the quickest possible way (since you'll "terminate" = destroy the server after each session)

Then we'll be ready to test our setup.
