I am making significant changes to this site. Thank you for your patience.
If you have followed the posts in this series, Part 3 left us with the following completed:
Diagram of our architecture IAM roles S3 bucket and its policies The next step is to build the EC2 server.
Requirements In order to do this properly, you’ll need to meet or exceed the minimum system requirements published by Ubiquiti. You can find those officially here, but at the time of this writing they are as follows:
Continuing on from Part 2 where we created the required IAM group, user, and policies we get to the exciting part…building! The first step is to create the storage backend. In this case we’re utilizing Amazon Simple Storage Service (S3). As usual, I will refer you to AWS’s docs for the official S3 guide for creating the bucket. The process itself is very simple, but there are a few details to pay attention to specifically regarding this application.
Part 1 of this series outlined the architecture, which is then followed by creating the IAM group, user, and policy the EC2 will use to place recorded video in the S3 bucket.
Open the IAM console Create a group (I named mine ‘unifi’) Attach a policy to the group. This is an example policy that I created in the visual editor. You can open it or restrict it to fit your specific needs as this is not the most restrictive policy example.
Like many of you, I am watching the AWS re:Invent keynotes and announcements remotely. Being network and performance focused here are the announcements I am currently most excited about. I will update this list as the week progresses.
VPC ingress routing now makes routing to virtual appliances easier! This is a much welcomed improvement as routing inside the VPC has always been a bit tricky and cumbersome.
Transit Gateway Manager manages and monitors the on-prem to cloud networks centrally and easier.
There are some gaps and changes to this that I have not completed or corrected. I am currently working on another project. Please contact me if you are using this as a guide and would like a little help. I will get back to this tutorial at a later date. **_Notice: I am not an official representative or affiliate of Ubiquiti or AWS. The process outlined below represents the high-level steps I used to successfully launch this application myself.
As promised, CloudFlare delivered HTTP/3 this week. If you don’t know what this is and what it could mean for web browsing in the future I highly recommend reading their blog and other sites about it. HTTP/3 brings another fundamental shift to transport protocols by building on the lessons learned from TCP and UDP. I’m particularly intrigued to see HTTP requests begin before the handshake is complete. CloudFlare released it to their customers who signed up to enable it early.