How to Deploy KopiCloud AD API from AWS MarketPlace
KopiCloud AD API is a production-ready REST API for Microsoft Active Directory and DNS with a Terraform Provider.
It can integrate Microsoft AD and DNS with our applications or scripts, or we can use the KopiCloud Terraform Provider in our CI/CD Terraform pipelines without credentials.
In this history, we will learn how to deploy the KopiCloud AD API from the AWS Marketplace.
The KopiCloud AD Terraform Provider
This story is part of my KopiCloud AD Terraform Provider series.
I have been deploying Active Directory in AWS, Azure, GCP, and OCI cloud environments for +10 years. I have been using AD since Microsoft launched the public beta in 1999, so this is one of my favorite subjects to write about.
- Automating Microsoft AD and DNS with Terraform & KopiCloud AD API
- How to Configure the KopiCloud AD Terraform Provider
- How to Create and Manage AD Users with Terraform
- How to Deploy KopiCloud AD API from AWS MarketPlace (this story)
Selecting the KopiCloud AMI
To deploy an AWS EC2 Instance with KopiCloud AD API from an AWS Marketplace image, we need to follow the procedure below:
1) Open the Amazon EC2 console at https://console.aws.amazon.com/ec2.
2) From the Amazon EC2 console dashboard, choose Launch instance.
3) Under Application and OS Images (Amazon Machine Image), type kopicloud and click the Browse more AMIs link.
4) Choose the AWS Marketplace AMIs tab to show all KopiCloud AMIs available.
5) To choose the right KopiCloud AD API product version for us, choose the Select button next to the operating system.
A dialog box opens with an overview of the version of the KopiCloud AD API you’ve selected.
Note: We will only pay AWS EC2 costs as the KopiCloud AD API license in AWS is BYOL (Bring Your Own License).
Configuring the EC2 Instance
After we selected the image, we need to configure the EC2 Instance
- Under Name and tags, for Name, enter a descriptive name for our instance.
2) For Instance type, select an instance type for our instance. T3.Medium or T3.Large is recommended for the setup.
3) Under the Key pair (login) section, choose an existing key pair or create a new one for the Key pair name.
4) Under Network settings, Firewall (security groups), please review the new security group created for KopiCloud AD API.
The security group includes rules that allow all IPv4 addresses (0.0.0.0/0) access on RDP (port 3389) on Windows.
Note: We recommend adjusting these rules to allow only a specific address or range of addresses to access our instance over those ports.
5) In the Configure storage section, we can keep or increase the 30 GB default size.
6) In the Summary panel, under Software Image (AMI), check the details of the AMI from which we are about to launch the instance.
Also, check the other configuration details that we specified. Choose the Launch instance button when we are ready to launch our instance.
The instance might take a few minutes or more to launch, depending on the product we have subscribed to.
We are first subscribed to the product before our instance can launch.
When the launch confirmation page displays, choose View all instances to go to the Instances page.
Final Steps
After the EC2 instance is launched, we need to complete the final steps:
1) Generate a free trial license at https://adapi.kopicloud.com/get-license
2) When the machine is ready, retrieve our initial administrator password using the AWS CLI or AWS Console.
In the AWS Console, select the new instance, click on the Actions menu, select Security, and then Get Windows password.
Then, we will follow the instructions to retrieve the password.
3) Log in to the EC2 Instance using the default Windows username (Administrator) and the password retrieved in the previous step.
4) Join the EC2 Instance to the AD Domain that we will manage using the API and restart the machine.
Note: Based on the VPC and Subnet configuration, extra steps may be required to join the machine to the domain.
5) Run the KopiCloud AD API Config tool in folder C:\KopiCloud-AD-API-Config to finish the API setup.
Note: read this document to learn more about the Setup Config Tool.
In future stories, we will continue exploring the KopiCloud AD API in detail.
Explore the KopiCloud AD API repo at https://github.com/KopiCloud-AD-API. There are examples and scripts to deploy KopiCloud AD API in several cloud providers such as AWS, Azure, GCP, and OCI.
Visit the KopiCloud AD API website for more details about the REST API and the Terraform Provider at https://adapi.kopicloud.com
And that’s all, folks. If you liked this story, please show your support by 👏 this story. Thank you for reading!