Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ System Platform

TABLE OF CONTENTS

Deployment resources

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedOct 17, 2025
  • 2 minute read

Overview

Elastic Compute Cloud (EC2) instances with a Windows OS or Windows and SQL Server on a dedicated virtual private cloud (VPC) are used to provision the entire infrastructure and install System Platform. You can utilize CloudFormation scripts to provision and configure AWS resources, including EC2 instances. See the CloudFormation user guide for details.

Resources in a typical deployment

A typical deployment sets up the following resources on AWS:

  • Identity and Access (IAM) user

  • AWS Key Management Service (KMS)

  • Amazon KMS Secret Manager

  • AWS System Manager for Amazon Instance Metadata Service (IMDS) configuration

  • Amazon Virtual Private Cloud (VPC)

  • Public and private subnets

  • Security Group

  • EC2 instances

  • EC2 Instance Connect: to provide users with temporary, keyless Secure Shell (SSH) access to Linux and macOS EC2 instances

  • Elastic Load Balancer: to distribute traffic across multiple EC2 instances

  • AWS Direct Connect: to provide a dedicated, private network connection from your on-premises network to AWS

  • CloudWatch: to to collect and track metrics and set alarms

  • CloudTrail: to record auditing, security monitoring, and governance by logging API calls and user activity across your AWS account

Additional security resources and services

Other Amazon services for security that you may want to consider include the following:

  • AWS Shield: to provide distributed denial of service (DDoS) protection.

  • AWS WAF: web application firewall

  • AWS Config: a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

  • Amazon GuardDuty: a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity.

  • Amazon Inspector: scans your EC2 for software vulnerabilities and unintended network exposure.

  • Amazon Detective: helps you conduct more efficient security investigations.

  • AWS Firewall Manager: a security management service that lets you centrally configure and manage firewall rules

  • AWS Security Hub: a cloud security service that provides a centralized view of security alerts and findings from multiple AWS services and third-party partner tools.

  • AWS Audit Manager

  • AWS Managed Microsoft AD

In This Topic
TitleResults for “How to create a CRG?”Also Available in