Skip to main content

Search

How do I create an AWS EC2 Cloud Canary?

Description: Canaries aren't just hardware devices. You can run Canaries inside your EC2 Cloud infrastructure, using the same Console as the rest of your Canary fleet.

Note: Like other Cloud Canaries, a registered, but offline, Cloud Canary will still occupy a license. If you've terminated a bird onEC2, don't forget to decommission it on your Canary Console too. See guide here to decommission a Canary.

Running costs in AWS - click here

Follow the steps below to create your EC2 Cloud Canary:

Step 1:

Log in to your Console.

Canary_Login_.png

Step 2:

Click the + icon and click Add Canary.

-_Add_Canary.png

Step 3:

Click Add EC2 Canary.

mceclip0.png

Step 4:

Click Launch on the AWS region you want to deploy your Canary into.

Note: If the account/region is not available on your Console, please see our guide here.

mceclip1.png

Step 5:

You will be taken to your AWS account where you will need to Sign In.

mceclip2.png

Step 6:

Select Review and Launch to continue your EC2 Cloud deployment.

Note: We will automatically selected the instance type. EC2 Cloud Canaries are not high powered and only require a t2.micro instance.

mceclip3.png

Step 7:

We will also automatically configure the instance details, storage, tags and security groups.

Once you are happy with the configuration, select Launch.

mceclip4.png

Note: 

  • The security group you select should allow traffic between the bird and the networks you want to monitor.
  • Exposing your instance to the public internet will produce lots of noise. We recommend not opening up ports to 0.0.0.0/0.

Step 8:

Select Proceed without a key pair from the drop down and select Launch Instance.

Note: This is required by Amazon, but the Canary will not use the keys; there's no way to log in to the Canary remotely. You can also pick any keypair available in your EC2 environment.

mceclip5.png

Step 9:

Your instance is now launching.

Note: If the launch process returns an error regarding accepting terms, this page describes the steps you need to take.

mceclip6.png

Step 10:

Your instance is busy Initializing.

mceclip7.png

Step 11:

On your Console you should see a pop up to confirm your new Canary.

Click Add Canary.

mceclip8.png

Step 12:

Your EC2 Canary will boot and connect back to your Console.

You can setup your EC2 Canary from within your Console using the remote management - Guide found here.

mceclip9.png

You're done! ;-)

 

Costs per EC2 Cloud Canary


The AWS Birds run on a t3.micro and depending on the regions, the estimated cost would be $5 to $8 per month.

Simply head over to this link here and follow the below steps:
  1. Set Location Type to AWS Regions
  2. Set Region to the region your running your Canary in - note we've selected US East (Ohio)
  3. Set Operating system to Linux - note this should be the default 
  4. Type t3.micro in the search bar to quickly find the running costs 
  5. The hourly costs is shown here and can be multiply by 730 hours in a month.
i.e 730 x 0.0116 = $7.59 per month

AWS - Cost.png
 

EC2 Cloud Canary permissions:

We have crafted the EC2 Bird launch experience to be as seamless as possible.

For environments looking to setup a service account with least privilege to deploy EC2 Canary’s, the below permissions are required to launch an instance.

Permissions required: 

AuthorizeSecurityGroupIngress
CreateSecurityGroup
DescribeAccountAttributes
DescribeAvailabilityZones
DescribeCapacityReservations
DescribeHosts
DescribeImages
DescribeInstanceAttribute
DescribeInstanceCreditSpecifications
DescribeInstances
DescribeInstanceStatus
DescribeInstanceTypes
DescribeKeyPairs
DescribeLaunchTemplates
DescribeNetworkInterfaces
DescribePlacementGroups
DescribeSecurityGroups
DescribeSnapshots
DescribeSpotPriceHistory
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVolumesModifications
DescribeVolumeStatus
DescribeVpcs
GetDefaultCreditSpecification
GetEbsEncryptionByDefault
RunInstances

 

Was this article helpful?
7 out of 8 found this helpful
Return to top