==Creating the Initial Infrastructure==
<ol><li># Select a '''Region''' to operate in (e.g. US East (N. Virginia)).</li><li># Within the '''VPC''' (Virtual Private Cloud) service menu, create a '''VPC''' with default tenancy.</li><ol><li>## Create a '''Subnet''' in the VPC and select an '''Availability Zone'''.</li><li>## Create an '''Internet Gateway''' and attach it to the VPC.</li><li>## Edit the '''Route Table''' associated to the VPC and add the following route:<br/>Destination: 0.0.0.0/0 Target: above Internet Gateway</li></ol> <li># Create '''Security Groups''' to define the network security.</li><ol><li>## Create a '''Security Group''' for the Web layer. Configure inbound rules for ports 80 (HTTP) and 443 (HTTPS) to be open from all sources (0.0.0.0/0).</li><li>## Create a '''Security Group''' for SSH access. Configure inbound rules for port 22 (SSH) to be open from SmartSimple office environments (contact SmartSimple for a list of static IPs).</li><li>## Create a '''Security Group''' for the Database layer. Configure inbound rules for port 3306 (MySQL) to be open from the above Web Security Group.</li></ol><li># Within the '''IAM''' service menu, create an '''Encryption Key'''. This will be used for volume encryption.</li><li># Within the '''EC2''' service menu, launch an '''EC2 Instance'''.</li><ol><li>## From the '''AWS Marketplace''', select the CentOS 7 image 'CentOS 7 (x86_64) - with Updates HVM'.<li>## Select an '''Instance Type''' of m4.xlarge.<li>## Select the VPC and corresponding Subnet.<li>## Create three storage '''Volumes''' and enable encryption on them using the above key. Set the volumes with the following details: {| class="wikitable"| Name| Type| Device| Size ##* 10GB root volume (GiB)|-| Root| Root| /dev/sda1)| 10|-| ##* 500GB SmartSimple| EBS| volume (/dev/sdf)| 500|-| Ext| EBS| ##* 20GB ext volume (/dev/sdg)| 20|}</li> <li>## Encrypt the volumes with the above Encryption Key.</li><li>## Associate the above Web and SSH Security Groups.</li></ol></ol>
===Optional RDS Deployment===
While the above steps are sufficient for a base SmartSimple environment, the following instructions are optional if you wish to provision a high availability clustered environment by adding an AWS Relational Database Service (RDS) instance.
<ol><li># Within the '''RDS''' service menu, create a new '''DB Subnet Group''' and add '''Subnets''' for two different '''Availability Zones'''.</li><li># Create a new '''Parameter Group''' based off the default 'mariadb10.0'. Set the following parameters:<br/>#* connect_timeout = 60<br/>#* interactive_timeout = 60<br/>#* log_bin_trust_function_creators = 1<br/>#* time_zone = ''your local timezone'' (e.g. 'US/Eastern')<br/>#* wait_timeout = 60</li><li># Launch a '''DB Instance'''.</li><ol><li>## Select the MariaDB database engine (version 10.4.x).</li><li>## Select an '''Instance Class''' of db.m4.large (if deploying RDS, the EC2 instance created above may be resized from m4.xlarge down to m4.large).</li><li>## You may choose whether to enable '''Multi-AZ Deployment''' or not.</li><li>## Set '''Allocated Storage''' to 200GB.</li><li>## Select the VPC, Subnet Group, Security Group, and DB Parameter Group previously created.</li><li>## Set '''Publicly Accessible''' to no, and '''Enable Encryption''' to yes and select the Encryption Key previously created.</li><li>## You may set '''Auto Minor Version Upgrade''' to yes to allow for automatic updates.</li></ol></ol>
==Creating Additional Environments==
