AWS Installation

This guide explains how to deploy Entropy Data on Amazon Web Services (AWS). AWS offers multiple deployment options, from simple container services to fully managed Kubernetes clusters.

Prerequisites

• Active AWS account
• AWS CLI installed and configured
• SMTP server for transactional emails (such as AWS SES, Mailgun, SendGrid, or similar)
• (Optional) eksctl for EKS deployments

Deployment Options

AWS provides several options for deploying Entropy Data:

1. AWS App Runner - Simplest fully managed option (detailed below)
2. Amazon ECS (Elastic Container Service) - Container orchestration with AWS Fargate
3. Amazon EKS (Elastic Kubernetes Service) - Full Kubernetes for enterprise deployments (see Kubernetes installation guide)
4. AWS Elastic Beanstalk - PaaS solution for Docker containers

AWS App Runner Deployment (Recommended)

AWS App Runner provides the simplest deployment path with automatic scaling and built-in load balancing.

Deploy Using CloudFormation

Click the button below to deploy Entropy Data to AWS using CloudFormation:

Step 1: Configure Stack Parameters

Provide a stack name and configure the CloudFormation parameters. The most important parameters are:

• DomainName: Domain name for your Entropy Data instance
• SMTP settings: Configure email delivery (you can use an AWS SES service as described below)
• SuperAdmins: Email address(es) of administrators who will have access to /admin page for advanced administrations

Step 2: Monitor Stack Creation

The CloudFormation stack will create all necessary resources including VPC, RDS PostgreSQL database, and App Runner service. This typically takes 10-15 minutes.

Step 3: Access Your App Runner Service

Once the stack is created, navigate to App Runner to view your service details and access the application URL.

Step 4: Configure Custom Domain (Optional)

By default, App Runner provides a generated domain (e.g., https://abc123.eu-central-1.awsapprunner.com). To use your own custom domain:

1. In the App Runner console, select your service
2. Navigate to the Custom domains tab
3. Click Link domain
4. Enter your domain name (e.g., entropy.example.com)
5. App Runner will provide validation records (CNAME or certificate validation records)
6. Add these DNS records to your domain's DNS configuration
7. Once validated, App Runner will automatically provision an SSL/TLS certificate
8. Update the PUBLIC_URL environment variable in your CloudFormation stack to match your custom domain

Note: DNS propagation can take up to 48 hours, though it typically completes within a few minutes to hours.

Step 5: Create Your Account

Open the App Runner service URL in your browser and create your first account .

Configure AWS SES

AWS Simple Email Service (SES) is a cost-effective email service that can be used to send transactional emails. If you already have an SMTP service for transactional emails, you can skip this section. This section explains how to set up AWS SES and configure it in your CloudFormation stack.

Setting up AWS SES

Step 1: Add and Verify Your Email Address or Domain

1. Navigate to the Amazon SES console
2. In the left sidebar, click on Identities under Configuration
3. Click Create identity
4. Choose Email address for quick setup, or Domain for production use (recommended)
5. For email address: Enter the email address you want to use as the sender (e.g., info@example.com)
6. For domain: Enter your domain name (e.g., example.com) and follow the DNS verification steps
7. Click Create identity
8. If using email address verification, AWS will send a verification email. Click the verification link to complete verification.
9. If using domain verification, add the provided DNS records (TXT, CNAME, MX) to your domain's DNS configuration

Recommended: Use domain verification for production deployments as it allows you to send from any email address at your domain without individual verification.

Step 2: Configure Domain Authentication (Recommended)

For better email deliverability, configure SPF, DKIM, and DMARC as described.

These settings help ensure your emails are not marked as spam and improve deliverability rates.

Step 3: Create SMTP Credentials

1. In the Amazon SES console, navigate to SMTP settings in the left sidebar
2. Note the SMTP endpoint for your region (e.g., email-smtp.eu-central-1.amazonaws.com)
3. Click Create SMTP credentials in the top right
4. Enter a descriptive IAM User Name (e.g., entropy-data-smtp-user)
5. Click Create user
6. Important: Download and save the SMTP credentials (username and password). You will need these for the CloudFormation configuration

Step 4: Note Your SMTP Configuration Details

The SMTP settings page displays all the information you'll need:

• SMTP endpoint: The hostname for your region (e.g., email-smtp.eu-central-1.amazonaws.com)
• STARTTLS Port: 25, 587, or 2587
• TLS Wrapper Port: 465 or 2465
• Transport Layer Security (TLS): Required

CloudFormation SMTP Parameters

When deploying the CloudFormation stack, configure the following SMTP parameters:

• MailFrom: Email address to send emails from (must be verified in SES, e.g., info@example.com)
• SMTPBasicAuth: Set to true to use basic authentication for SMTP server
• SMTPHost: SMTP server hostname (e.g., email-smtp.eu-central-1.amazonaws.com)
• SMTPPassword: SMTP server password (from the credentials you created in Step 3)
• SMTPPort: SMTP server port (use 587)
• SMTPStartTLS: Set to true to use STARTTLS for SMTP server (recommended for port 587)
• SMTPUsername: SMTP server username (from the credentials you created in Step 3, NOT the IAM user name)

SES Sandbox Mode

By default, new AWS SES accounts start in sandbox mode, which has the following limitations:

• You can only send emails to verified email addresses and domains
• You can only send from verified email addresses and domains
• You can send up to 200 emails per 24-hour period
• You can send up to 1 email per second

To remove these limitations and send emails to any recipient:

1. Navigate to the Amazon SES console
2. In the left sidebar, click Account dashboard
3. Look for the Sending statistics section which will show if you're in sandbox mode
4. Click Request production access
5. Fill out the request form with details about your use case
6. AWS typically reviews and approves requests within 24 hours

Testing Your Configuration

After deploying the CloudFormation stack with your SMTP settings:

1. Access your Entropy Data instance URL
2. Create a new user account or reset your password
3. Check that you receive the verification email
4. Monitor the SES console under Account dashboard > Sending statistics to track email delivery

Next Steps

• Configure SSO for user authentication
• Set up SCIM for user provisioning
• Configure observability for monitoring
• Review all configuration options
• Explore AWS integration

Additional Resources

• AWS App Runner Documentation
• Amazon ECS Documentation
• Amazon EKS Documentation
• Amazon RDS Documentation
• Configuration Reference