aPersona Identity Installation

Prerequisites

Before beginning the aPersona Identity installation, make sure you have the following prerequisites:

  1. An AWS account.

    (For initial testing we recommend you create a new AWS account, but this is not required. The aPersona Identity installation also comes with an uninstaller that removes everything cleanly and efficiently if needed.)

  2. A domain that you own, set up in AWS Route53 in your AWS account.

    (If you do not have a domain, you can easily purchase one from within AWS Route53 in your AWS account. If the domain that you want to use is hosted with another provider, such as GoDaddy, you can simply create a sub-domain in AWS Route53. For example, if your third-party domain is yourdomain.com, create a new hosted zone in your AWS Route53 for a sub-domain such as id.yourdomain.com:)

    • In Route53, create a new public hosted zone: id.yourdomain.com. (Note and copy all the NS records associated with your new sub-domain.)

    • In the third-party account that hosts yourdomain.com, create an NS record named “id”, paste in the NS values from your sub-domain, and save the record.

  3. Google reCAPTCHA configured [Recommended]:

    (reCAPTCHA settings: Label: yourdomain.com; reCAPTCHA Type: Score based (v3); Domains: yourdomain.com; Project Name: select from list; accept the Ts & Cs; then Submit.) [The Google reCAPTCHA free tier is good for 10K checks per month. After that it’s $1/mo per 1K checks.]

  4. An email account: Gmail, O365, or other.

    (Note: If using Gmail, ensure 2-Factor is turned on and you have an app-specific password set up.)
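
For prerequisite 2, a way to confirm that the sub-domain delegation is in place before you start the install. This is an added example, not part of aPersona's instructions: the function names are hypothetical, the zone name and hosted-zone ID are placeholders, and it assumes the AWS CLI and dig are installed.

```shell
#!/usr/bin/env bash
# Added example (not aPersona's code). Zone name and hosted-zone ID are placeholders.

# Normalize an NS list: split on whitespace, lowercase, drop trailing dots, sort.
normalize_ns() {
  printf '%s\n' "$1" | tr -s '[:space:]' '\n' | tr 'A-Z' 'a-z' \
    | sed -e 's/\.$//' -e '/^$/d' | sort -u
}

# Succeed only if both lists are non-empty and name exactly the same servers.
ns_sets_match() {
  nm_want=$(normalize_ns "$1")
  nm_got=$(normalize_ns "$2")
  [ -n "$nm_want" ] && [ "$nm_want" = "$nm_got" ]
}

# Live check: Route53's delegation set versus what public DNS returns for the zone.
check_delegation() {
  cd_r53=$(aws route53 get-hosted-zone --id "$2" \
             --query 'DelegationSet.NameServers' --output text) || return 2
  cd_pub=$(dig +short NS "$1") || return 2
  if ns_sets_match "$cd_r53" "$cd_pub"; then
    echo "OK: $1 is delegated to the Route53 hosted zone"
  else
    echo "MISMATCH for $1 (NS record missing, incomplete, or not yet propagated)"
    echo "Route53 expects:";    normalize_ns "$cd_r53"
    echo "Public DNS returns:"; normalize_ns "$cd_pub"
    return 1
  fi
}

# Run only when called with two arguments, e.g.:
#   ./check_ns.sh id.yourdomain.com <your-hosted-zone-id>
if [ "$#" -eq 2 ]; then check_delegation "$1" "$2"; fi
```

An empty answer from public DNS counts as a mismatch, which is what you see when the NS record at the third-party provider was never saved or only some of the NS values were pasted.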

Watch a demonstration of how to complete the aPersona Identity prerequisites.

  1. Register your AWS account with aPersona’s hosted Adaptive Security Manager. Register Here. Simply fill in the form and submit it.

    (In these instructions, your installation is interfaced with aPersona’s hosted Adaptive MFA service, which runs in aPersona’s AWS hosted services. It is certainly possible for customers to run their own copy of aPersona’s ASM Service in their own AWS account, but that requires some additional steps, which are not covered here. Contact aPersona support for those additional instructions.)

  2. Once you complete your aPersona AWS Account registration you will be emailed an aPersona Identity installation key.

  3. In your AWS account create a new VM that will be used for the aPersona Installation.

    (This VM only needs to be running while you are installing or updating your aPersona Identity service. Do not remove/delete it once you install. Uninstall instructions are included at the end of this document.)

    • Before beginning the install, please select your AWS Region where you want to install aPersona Identity. (Currently you can have only one aPersona Identity instance for each AWS Account.)

    • In your AWS account navigate to EC2, and click Launch Instance.

    • Enter a name: ex. aPersona Identity Installation VM

    • Leave the default Linux as Amazon Linux 2023 AMI.

    • For instance type select: t2.xlarge

    • For SSH access create a new key pair or select an existing key pair if you wish.

    • Allow SSH traffic from “your IP”.

    • Expand “Advanced Details” and click Create new IAM profile.

    • Create an aPersona Identity Installer Role:

      • Click Create a role. (This will open a new tab.)

        • Trusted entity type: AWS Service

        • Use case: EC2

        • Click Next.

        • Permissions: AdministratorAccess

        • Click Next

        • Name the role: aPersona Identity Installer (This role will only be used by the EC2 instance.)

        • Click Create Role

    • Go back to your EC2 Instance tab.

    • Click the refresh icon next to the IAM Instance Profile input field.

    • Select your new role in the IAM Instance Profile input field.

    • Click Launch Instance.

  4. Connect to your new aPersona Identity Installation VM via SSH.

    (Note: The aPersona Identity Installation takes 30 to 50 minutes to complete, so it is best to connect to your EC2 instance with an SSH tool such as PuTTY instead of using the AWS Connect button in the AWS portal, because that method may time out during the installation. Note, however, that if the install does time out for any reason, you can simply run the install script again and the installation will pick up where it left off. The installer is very resilient.)

    • Log in with ID: ec2-user and your password or SSH key.

  5. Install aPersona Identity in your AWS account.

    • Once logged in, enter the following commands into the terminal:

      # sudo -i

      # curl -o- https://raw.githubusercontent.com/apersona/aPersona-Identity-for-AWS-Installation/main/init_deploy.sh |bash

    • At this point the aPersona Identity installation will be copied to your VM.

    • Edit the config.sh file with your installation settings. (Use vi or vim.)

      # vi config.sh

    • Follow the instructions in the file and save it.

    • Run the installation. (It will take 30 to 45 min to run. Review and accept the aPersona Terms and Conditions.)

      # ./update.sh

      Note: It is normal to see this message during the first install: An error occurred (404) when calling the HeadObject operation: Not Found

    • During the install you will receive two emails.

      • The first email will be an invite to your new aPersona Adaptive Security Manager Admin account. This will be sent very shortly after the installation begins. You can follow the instructions in the email and complete your aPersona ASM registration. For training on how to configure your aPersona ASM Admin account settings see our video training here: (coming soon)

      • The second email will contain your aPersona Identity Admin Portal login URL and temporary password. This email will come at the very end of the installation. If you have not received this email, then your installation has not completed. You can always re-run # ./update.sh to complete any install elements that are missing due to a time-out, and then you should receive the second email.

  6. Installation is finished!!!

    • Shut down your aPersona Installation VM. You can leave it off until you want to perform an upgrade.

    • To learn more on how to test and configure your new aPersona Identity platform, please see our video training here: coming soon

    • To get the latest updates at any time, just restart your aPersona Installation VM, log in, run # sudo -i, then run the # ./update.sh script again.

    • To uninstall, just restart your aPersona Installation VM, log in, run # sudo -i, then run the # ./uninstall.sh script. Once it is finished, shut down the VM, and delete it if you wish.

    • Please go to our training video series for post-installation configurations and customizations: (coming soon)
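
For the curl command in step 5, a variant that saves init_deploy.sh to disk so you can read it before it runs as root, and that refuses to run a file that is truncated or differs from the one you reviewed. This is an added example, not part of aPersona's instructions: the function names are hypothetical, and it assumes the script behaves the same when run from a file as when piped into bash.

```shell
#!/usr/bin/env bash
# Added example (not aPersona's code): fetch, review, then run the reviewed bytes.
INSTALLER_URL="https://raw.githubusercontent.com/apersona/aPersona-Identity-for-AWS-Installation/main/init_deploy.sh"

# Download over HTTPS only; --fail stops an HTTP error page being saved as the script.
fetch_installer() {
  curl --fail --silent --show-error --proto '=https' --tlsv1.2 \
       -o "$1" "$INSTALLER_URL"
}

# Print the SHA-256 of a file (first field of sha256sum's output).
file_sha256() {
  sha256sum "$1" | awk '{print $1}'
}

# Run the script only if it parses cleanly and matches the hash recorded at review.
run_if_reviewed() {
  rr_file=$1
  rr_expected=$2
  rr_actual=$(file_sha256 "$rr_file") || return 2
  if [ "$rr_actual" != "$rr_expected" ]; then
    echo "refusing to run $rr_file: sha256 $rr_actual is not the reviewed value" >&2
    return 1
  fi
  # A syntax-only pass catches a download that was cut off mid-script.
  bash -n "$rr_file" || return 3
  bash "$rr_file"
}

# Typical session after sudo -i:
#   fetch_installer init_deploy.sh
#   less init_deploy.sh                 # read what will run as root
#   file_sha256 init_deploy.sh          # record this value
#   run_if_reviewed init_deploy.sh <sha256-you-recorded>
```

Because the URL points at the main branch, the file can change between downloads; the recorded hash ties the run to the copy that was actually read.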

aPersona Identity Installation Steps: