Enterprise Cloud Image - Amazon Machine Image (AMI)

Overview

Anchore Enterprise Cloud Image is a fully functional Anchore Enterprise deployment that is pre-configured and ready to use. The cloud image is currently available for our Amazon users. For general information on the Amazon Machine Images (AMI) and how to use them, see the Amazon EC2 documentation.

The Anchore Enterprise Cloud Image Manager is shipped as part of the AMI to aid in the installation, configuration, and management of the Anchore Enterprise Cloud Image. For more information about the Cloud Image Manager, see the Cloud Image Manager.

Recommendations and Requirements

The following are requirements and recommended best practices for deploying the Anchore Enterprise Cloud Image in AWS.

• Memory Requirement - The Cloud Image requires a minimum of 32 GB of memory to operate.
• Disk Requirement - The Cloud Image requires a minimum of 128 GB of disk space for root volume and 1 TB for data volume to operate.
  • Note: The data volume by default will not delete on termination of your AMI.
• CPU Requirement - The Cloud Image requires a minimum of 4 vCPU to operate.

AWS Supported Instance Type

The baseline supported instance type on Amazon Web Services is the r7a.xlarge. This gives the best mix of performance to cost for running Anchore Enterprise.

The Cloud Image Manager will not enforce the use of this instance type but will check for the minimum resources needed to run the software. If you would like to use a different instance type, please contact Anchore Support for guidance.

For more information on AWS Instance Types Please review the following links

• AWS Instance Types Overview
• AWS Pricing Calculator

Key pair type

The Anchore Enterprise Cloud Image is running with FIPS enabled. When creating your Key Pair, you must use an RSA key. The ED25519 key will be rejected as a non-FIPS-compliant algorithm.

Please review the AWS documentation on using Amazon EC2 Key Pairs

Security Group

The Anchore Enterprise Cloud Image requires the following ports to be open in the security group:

• TCP 22 - SSH
• TCP 443 - HTTPS
• TCP 8443 - Grafana

Please review the AWS documentation on Security Groups.

Cloud Image Manager Terminals

Please review the Best Practices for the Cloud Image Manager for the recommended terminal applications to use.

Anchore Cloud Image License

The Anchore Enterprise Cloud Image requires a valid license to operate. The license is provided by Anchore during the purchase process. The license file is required to be uploaded via the Cloud Image Manager during the initial setup.
Please have it available before starting the installation process.

Launching the AMI

To launch the Anchore Enterprise Cloud Image AMI, please refer to the AWS documentation on Launch an Amazon EC2 instance.

You may also want to review the AWS guide for how to Connect to your EC2 instance.

Once the instance is launched, please review the Cloud Image Manager documentation for the next steps on Accessing the Cloud Image Manager. The Cloud Image Manager will walk you through the preflight checks, configuration, and management of your Anchore Enterprise Cloud Image deployment.

Backup and Restore

It is important that you have a backup and restore strategy in place to protect your data. The Anchore Enterprise Cloud Image Manager will prompt you to create a snapshot prior to upgrading your Anchore Enterprise Cloud Image or expanding your disks. It is also reasonable for you to create a snapshot of your EBS volume on a regular basis.

Please refer to the AWS documentation on AWS Backup and Amazon EBS Snapshots.

Expanding your disks

During the course of using the product, you may wish to expand the size of your disks. It is strongly recommended that you create a snapshot of your EBS volume prior to expanding your disks.

Please refer to the AWS documentation on Extend or modify disk volume

Once you have expanded your disk, you will need to resize the filesystem to take advantage of the additional space. The Cloud Image Manager provides a utility to resize the filesystem. Please refer to the Cloud Image Manager Configuration Disk Expansion for more information.

Upgrading the Cloud Image

Occasionally, Anchore will release updates to the Anchore Enterprise Cloud Image. The Cloud Image Manager will provide you with the upgrades that are available to you and allow you to determine when you want to upgrade. It is strongly recommended that you create a snapshot of your EBS volume prior to upgrading your Anchore Enterprise Cloud Image.

Please refer to the Cloud Image Manager upgrade documentation for more information.

Support for your Cloud Image

During operation of Anchore Enterprise or the Cloud Image, you may require support from Anchore Support. The Cloud Image Manager provides you with a seamless way to generate a support bundle and upload it to Anchore Support.

Please refer to the Cloud Image Manager Support documentation for more information.

Last modified March 28, 2025