Step 2: Set Up Your VPC - AWS Ground Station

Step 2: Set Up Your VPC

The full setup of a VPC is beyond the scope of this guide. If you don't have an existing VPC that is already customized, you can use the default VPC that is created in your AWS account. We recommend adding a Linux bastion to your VPC so that you can SSH into your Amazon EC2 instances without attaching a public IP address. For more information about configuring a Linux bastion in your VPC, see Linux Bastion Hosts on AWS.

For your convenience, instructions to quickly add a bastion host to your Linux environment in AWS are below. While this is not required, it is recommended best practice.

  1. Login to your AWS account.

  2. In the Linux Bastion Hosts on the AWS Cloud: Quick Start Reference Deployment page, choose Launch Quick Start (for new VPC).

  3. In the Create Stack page, choose Next. The template is pre-populated.

  4. In the Specify stack details page, make edits and changes in the following boxes:

    1. Enter a stack name for your host in the Stack Name box.

    2. For Availability Zones, select the Availability Zones you wish to use for the subnets in the VPC. At least two Availability Zones must be selected.

    3. For Allowed bastion external access CIDR, enter the CIDR block that you would like to enable SSH access from. If you are unsure, you can use the value of to enable SSH access from any host that has the SSH key.

    4. For Key pair name, choose the key pair name you created in Step 1: Create EC2 SSH Key Pair.

    5. For Bastion instance type, choose t2.micro.


      The t2.micro instance type is not available for the Europe (Stockholm) Region (eu-north-1). If you are using AWS Ground Station in the Europe (Stockholm) Region (eu-north-1), choose t3.micro.

    6. For TCP forwarding, choose true.

    7. (Optional) Make other edits and changes as necessary. To customize your deployment, you can change your VPC configuration, choose the number and type of bastion host instances, enable TCP or X11 forwarding, and enable a default or custom banner for your bastion hosts.

    8. Choose Next.

  5. In the Configure stack options page, make any changes or edits as necessary.

  6. Choose Next.

  7. Review the details of your bastion host and select the two Capabilities acknowledgements. Then, choose Create stack.