ZAIO deployment on AWS / EC2
This is a guide to run a fully functional Zentral instance on Amazon AWS. We will be using the Zentral all in one pre-build AMI (Amazon image).
Note: We also provide a guide for a Google Cloud based setup – please look here.
To follow this tutorial, you will need an admin access to the AWS web console – Getting Started with Amazon EC2 .
Note: This tutorial is only a first step toward a production deployment on AWS.
Start a new instance
In the AWS EC2 console, in one of the supported region (
eu-central-1), click on the Launch instances button. Pick a Name.
Select the Zentral all in one AMI
Click on the Browse more AMIs link. Select Community AMIs. Use zaio as search term.
Owner account ID:
AMIs name pattern:
Pick an instance type
You can start with a
t4g.medium instance type. We strongly advice against using any kind of "smaller" instances. A lot of software will be running on the instance (elasticsearch, postgres, rabbitmq, prometheus, grafana, django app, …)
Then click on the Next: Configure Instance Details button.
It will be required for the first login. You can use an existing key pair, or create a new one. The username for the login is
The required open ports are 22, 80, and 443.
If you are new to this, just create a new security group for the Zentral instance.
Select Create security group and tick the three boxes for
HTTPS (you can restrict the allowed ip ranges if you like).
You can start with one 10GB general purpose SSD (
gp2) volume. But that would be only enough to store a limited amount of events. As a rule of thumb, you will need about 9GB + 1GB for every million of events stored, but that can vary a lot depending on your inventory sources, and the kind of events you are collecting.
Launch the instance
Click on the Launch button.
Setup the domain name(s) for your instance
Zentral requires a domain name resolving to the IP address of the launched instance.
- In the AWS console, find the public IP address of the instance that is starting. No need to wait for the instance to be available.
- Use this IP to setup an A record. (zentral.example.com for the rest of this tutorial)
- Test the resolution of this record! You cannot move on to the next section before they are setup.
Log onto your instance
You need the path to the key pair you have just setup. The default username is
ssh -i ~/.ssh/TheNameOfTheKeyPairFile firstname.lastname@example.org
Once logged in, you can use a command line tool to setup your instance. Because this last step is the same for a Google Cloud deployment, we have kept it on a separate wiki page.