Initial Preparation and Configuration of the AWS Image

This section covers initial preparation and configuration of the image on AWS.

1. The IAM Role

To ensure seamless operation, proper AWS permissions for the IAM (Identity and Access Management) role are essential. This role must be attached to the instance, otherwise disconnection errors will be thrown after one hour.

You can pre-create the role on your AWS account and then select it from the existing IAM role drop-down during the instance configuration process.

If you create the role during the creation of an instance, the role will not be attached automatically. The role should be added post setup.

A role can be assigned to a running instance through the following steps: Actions  Security  Modify IAM-role. It needs to have the following policy attached in order to be used:

{
    "AttachedPolicies": [
        {
            "PolicyName": "AWSMarketplaceMeteringFullAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess"
        }
    ]
}

To allow the EC2 service to assume such role:

"AssumeRolePolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Effect": "Allow",
                    "Principal": {
                        "Service": "ec2.amazonaws.com"
                    },
                    "Action": "sts:AssumeRole"
                }
            ]
        }

IAM role can be attached to an EC2 instance by means of an instance profile, which acts as a container for the role itself.

For detailed information on IAM roles, see: docs.aws.amazon.com/IAM

2. Configure SUSE Manager Instance

Procedure: Configuring your SUSE Manager instance
  1. Select the AMI image and provide a meaningful name for your server. Review the details and pricing information provided.

  2. You have the option to configure additional instance details in subsequent steps, such as storage, tags, security groups, and the required IAM role.

    1. The image automatically suggests a default CPU configuration.

    2. Choose an existing key pair or create a new one to grant access to the instance.

    3. Your organization should provide the necessary security groups and network configuration.

    4. If an IAM role has been previously created, you can attach it by selecting it from the existing IAM role drop-down. Otherwise, attach this role after the instance has been launched.

    5. Create the following partitions

      • 100 GB for the root partition

      • 500 GB for spacewalk storage

      • 80 GB for the database.

        For more information see: AWS requirements

    6. Follow the prompts from AWS to complete the configuration as needed.

  3. After reviewing your configuration click the Launch instance dropdown.

  4. Click on the Launch Instances button.

  5. You will be redirected to the EC2 Dashboard.

  6. Verify that the instance has successfully launched by selecting Instances on the left sidebar. The SUSE Manager PAYG instance should be running in the main content area.

Usage and Costs

Because this is a PAYG image, you will be billed according to your actual usage, including the number of systems you manage and monitor with this instance. It is essential to regularly track and review your usage to prevent unexpected costs and ensure alignment with your needs.