Menu
AWS Greengrass
Developer Guide

Preparing an Amazon EC2 Instance for AWS Greengrass

Follow these steps to prepare your Amazon EC2 instance for running the AWS Greengrass core software and the AWS IoT Device SDK for C++

To run the AWS Greengrass core software:

  • Use the following commands to add a user named ggc_user and a group named ggc_group:

    Copy
    sudo useradd -r ggc_user sudo groupadd -r ggc_group

To use the AWS IoT Device SDK for C++:

  1. Use the following commands to install cmake:

    Copy
    sudo yum groupinstall "Development Tools" wget https://cmake.org/files/v3.8/cmake-3.8.0.tar.gz tar -zxf cmake-3.8.0.tar.gz cd cmake-3.8.0 ./configure make sudo make install
  2. Use the following commands to install OpenSSL 1.0.2:

    Copy
    wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz tar -xvzf openssl-1.0.2k.tar.gz cd openssl-1.0.2k ./config --prefix=/usr/ make sudo make install

The AWS Greengrass core software checks if hardlink/softlink protection is activated on the operating system at startup. We recommend that you activate this protection to improve security on your device. Follow these instructions:

  1. Set system variables by adding the following two lines to /etc/sysctl.d/00-defaults.conf:

    Copy
    fs.protected_hardlinks = 1 fs.protected_symlinks = 1

    If the file /etc/sysctl.d/00-defaults.conf doesn't exist, follow the instructions in /etc/sysctl.d/README.sysctl.

  2. Reboot the system:

    Copy
    sudo reboot
  3. Validate the change by running:

    Copy
    sudo sysctl -a | grep fs

    If the system variables were set successfully, the following text is displayed:

    Copy
    fs.protected_hardlinks = 1 fs.protected_symlinks = 1