Description: Canaries aren't just hardware devices. You can run virtual Canaries inside your Amazon EC2 infrastructure, using the same console as always.

Here's how to do it.

Step 1: Confirm CloudCanary is enabled for your account

Browse to your Console, enter your credentials, and click "Setup". You should see "Cloud Canary" in the settings menu. If you don't, please contact support with your Amazon Account ID, and the regions you want to run CloudCanaries in.

In addition, you'll see a list of AMIs in the regions you requested.

Note that a registered but offline CloudCanary will still occupy a license. If you've terminated a bird in EC2, don't forget to decommission it in your Canary Console.

Step 2: Launching your CloudCanary

Find the EC2 region you want to launch your bird into, and click "Launch". This will open the EC2 dashboard in a new tab, ready to launch your AMI.

Step 3: Configure the EC2 instance and launch

Simply configure your EC2 instance as usual, selecting the instance type, configuring the instance details, storage, tags and security groups according to your preferences.

Some tips:

  • Your instance type does not need to be high powered. t2.micro is fine.
  • The security group you select should allow traffic between the bird and the networks you want to monitor.
  • Exposing your instance to the public internet will produce lots of noise. We recommend not opening up ports to 0.0.0.0/0.
  • You will be prompted to assign a keypair to the CloudCanary. This is required by Amazon, but the Canary will not use the keys; there's no way to login to the Canary remotely. You can pick any keypair available in your EC2 environment.

On last EC2 step, click the "Launch" button to start the bird. It will take a couple of minutes to boot and configure itself.

If the launch process returns an error regarding accepting terms, this page describes the steps you need to take.

Step 4: Commission bird

When the bird is configured and running, it will contact the console to register itself. You will then need to commission the device in the Canary console. In your Console tab, wait for the commission dialog.

Click "Commission Canary", and the bird's status will go green.

It's now ready for remote configuration to enable profiles and services.