Before you begin Standalone Sentry installation on Amazon Web Services (AWS)

Before you install Standalone Sentry on Amazon Web Services (AWS), ensure the following:

You have a UEM deployed.

You have an AWS account.

Ports 22 and 443 inbound are open.

The following minimum memory and CPU requirements are available for Standalone Sentry. The table lists t2.medium type configuration offered by AWS that maps to the Standalone Sentry small configuration size.

Table 7.  minimum memory and cpu requirements


Medium configuration

Maximum devices

< 8000 devices

Minimum memory

4 GB

Virtual CPUs**



32 GB

The Standalone Sentry medium configuration size maps to the t2.large type offered by AWS.

To access the Standalone Sentry System Manager, you have enabled port 8443 or TCP port on AWS security group.

Site-to-site VPN is enabled between Core and AWS.

Working with RSA Keys for SSH Access

The RSA keys are a pair of public and private keys known as a key pair. You can generate RSA keys or use the existing RSA keys for SSH Access. The following procedure provides steps to create and use the key pairs. If you already have a key pair generated, then skip steps a, b, and c.

To create new key pair using Amazon EC2, see Creating a Key Pair in


1. Run the following commands in PowerShell to generate the RSA keys.

Generate the private.pem file.

#openssl genrsa -des3 -out private.pem 2048

Change the permission of the private.pem file.

#chmod 400 private.pem

Generate the public.pem file using the private.pem file.

#openssl rsa -in private.pem -outform PEM -pubout -out public.pem

Open the public.pem file and delete the following lines if present and save the file:


-----END PUBLIC KEY-----

2. In AWS, on the left pane, click Key Pairs > Import Key Pair.
3. Click Browse and upload the public.pem file.

For more information on key pairs, see