Agent Requirements - AWS Ground Station

Agent Requirements

Note

This AWS Ground Station Agent guide assumes that you have onboarded to Ground Station using the Setting Up AWS Ground Station guide.

The AWS Ground Station Agent receiver EC2 instance requires a set of dependent AWS resources to reliably and securely deliver DigIF data to your endpoints.

  1. A VPC in which to launch the EC2 receiver.

  2. An AWS KMS Key for data encryption/decryption.

  3. An SSH key or EC2 Instance Profile configured for SSM Session Manager.

  4. Network/Security Group rules to allow the following:

    1. UDP traffic from AWS Ground Station on the ports specified in your dataflow endpoint group. The agent reserves a range of contiguous ports used to deliver data to the ingress dataflow endpoint(s).

    2. SSH access to your instance (Note: You can alternatively use AWS Session Manager to access your EC2 instance).

    3. Read access to a publicly accessible S3 bucket for agent management.

    4. SSL traffic on port 443 allowing the agent to communicate with the AWS Ground Station service.

    5. Traffic from the AWS Ground Station managed prefix list com.amazonaws.global.groundstation.

Additionally, a VPC configuration including a public subnet is required. Refer to the VPC User Guide for background on subnet configuration.

Compatible configurations:

  1. An Elastic IP associated with your EC2 instance in a public subnet.

  2. An Elastic IP associated with an ENI in a public subnet, attached to your EC2 instance (in any subnet).

You may use the same security group as your EC2 instance or specify one with at least the minimum set of rules consisting of:

  • UDP traffic from AWS Ground Station on the ports specified in your dataflow endpoint group.

See the "Wideband DigIF Data Delivery Templates" section of Choose a Template for example AWS CloudFormation EC2 Data Delivery templates with these resources preconfigured.
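The following added example (not part of the AWS documentation or templates) audits a security group, in the JSON shape returned by `aws ec2 describe-security-groups`, against the ingress rules listed above. The prefix list ID, group ID and port numbers are constructed placeholders, and the example assumes that the dataflow UDP rule should be sourced from the Ground Station managed prefix list and that SSH should not be open to every address.

```python
# Added example: audit a security group against the ingress rules listed above.
PL_ID = "pl-EXAMPLE"  # placeholder for your Region's com.amazonaws.global.groundstation ID

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "udp", "FromPort": 42000, "ToPort": 42009,
     "IpRanges": [], "PrefixListIds": [{"PrefixListId": PL_ID}]},
    {"IpProtocol": "udp", "FromPort": 42010, "ToPort": 42019,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "PrefixListIds": []},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "PrefixListIds": []},
]}

def overlaps(rule, proto, lo, hi):
    """True if the rule allows any port in [lo, hi] for proto ('-1' is all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] == proto and rule["FromPort"] <= hi and lo <= rule["ToPort"]

def covers(rule, proto, lo, hi):
    """True if the rule allows every port in [lo, hi] for proto."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] == proto and rule["FromPort"] <= lo and hi <= rule["ToPort"]

def is_world_open(rule):
    """True if the rule's source includes every IPv4 or IPv6 address."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in ("0.0.0.0/0", "::/0") for c in cidrs)

def audit(group, udp_lo, udp_hi, prefix_list_id=PL_ID):
    """Return findings for the dataflow UDP range [udp_lo, udp_hi] and for SSH."""
    rules = group.get("IpPermissions", [])
    findings = []
    # Simplification: expects a single rule to cover the whole contiguous range.
    if not any(covers(r, "udp", udp_lo, udp_hi) and prefix_list_id in
               [p["PrefixListId"] for p in r.get("PrefixListIds", [])] for r in rules):
        findings.append("MISSING udp %d-%d from prefix list" % (udp_lo, udp_hi))
    for r in (r for r in rules if is_world_open(r)):
        if overlaps(r, "udp", udp_lo, udp_hi):
            findings.append("OPEN dataflow udp ports to any address")
        if overlaps(r, "tcp", 22, 22):
            findings.append("OPEN ssh to any address")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUP, 42000, 42019):
        print(SAMPLE_GROUP["GroupId"], finding)
```
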

VPC diagrams

Diagram: An Elastic IP associated with your EC2 instance in a public subnet

Diagram: An Elastic IP associated with an ENI in a public subnet, attached to your EC2 instance in a private subnet

Supported operating system

Amazon Linux 2 with 5.10+ kernel.

Supported instance types are listed in EC2 Instance Selection and CPU Planning.