PIA SOFTWARE
Setting up the Flow Logs Viewer
Setting up the Piasoft Flow Logs Viewer is easy and takes less than 10 minutes. There are only two steps:
-
Launch the AMI from the AWS Marketplace. It uses a CloudFormation template. CloudFormation will prompt you for the VPC, Subnet, and CIDR for launch.
- Visit the EC2 console at the link below, and change to the region you launched the Flow Log Viewer in:
https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#Instances:search=pia;sort=instanceState
Now, copy the public IP from the EC2 console, and hit that IP. It can take 4-5 minutes for the instance to launch.
It's that simple, and here is a 2 minute video of the process:
Click here for SSO and SAML setup instructions:
https://www.piasoftware.net/blog/tag/sso
Tips
Use the 30-day trial on a t2.micro for a free-tier experience.
Use a larger instance to use more flow logs when analyzing security groups. With an r5.24xlarge, you can analyze up to 768 million flow logs per ENI.
How we deploy the Flow Log Viewer
You can launch the AMI by using CloudFormation through this link:
https://aws.amazon.com/marketplace/pp/B074N3YQ1P
This will:
-
Create an IAM role with the minimum required permissions for the Flow Log Viewer.
-
Create a security group that allows connections from your IP to ports 22 and 443 on the FLV to the CIDR you specify.
-
Launch the PiaSoft Flow Log Viewer AMI, in the region you chose, with the new IAM role.
Here is the CloudFormation template we use to launch an instance on your behalf:
https://s3.amazonaws.com/piasoftware-public/CloudFormationTemplate-PiaSoftware.json
-
Incoming ports are limited to:
-
-
port 22 : from your IP range only, for administration over ssh
-
port 443: https - from your IP range only, secure browser connection
-
port 80: (optional) http, this will redirect to https
-
-