AWS – Acquire the SwissPKI AMI


Using user SwissPKI-Admin as previously defined, open the Elastic Compute Cloud (EC2) console and select EC2 Dashboard on the left panel. On the right panel, in the AWS Marketplace section, click on EC2 Launch Wizard.


Configure the Instance

Step 1 – Select AMI

Search for SwissPKI, and select the AMI.


Click on Continue.

Step 2 – Instance Type

Choose the instance type on which you want to run the SwissPKI.


Click on Next: Configure Instance Details

Step 3 – Instance Details

Configure the instance. For the purpose of this guide we use the following values:

  • Number of instances: 1
  • Network: default
  • IAM role: SwissPKI-Decrypt-Secrets


Click on Next: Add Storage

Step 4 – Storage

Configure the storage device. 10 Gb are usually enough since apart from the log files all the data are stored in the database.


Click on Next: Add Tags

Step 5 – Tags

No tags to add.


Click on Next: Configure Security Group

Step 6 – Security Group

Select option Create a new security group and give it a name of your choice. Then configure the SSH port 22 in order to avoid opening the instance to everyone.


Click on Review and Launch

Step 7 – Review

Review the settings of the instance and click on Launch

Step 8 – Connection Keys

Finally, in order to log into the instance from a remote computer through SSH, let Amazon creates a new key pair or import your own. These keys will then appear in the EC2 console.


Click Launch Instance

Check Status


Click on Instances on the left panel. The SwissPKI instance should be displayed with status Starting or Running.