# EC2 Nodes ### Overview This guide explains how to install a StrongDM node (gateway or relay) on EC2. The StrongDM node works with any Linux distribution and any server with two CPUs and four GB of memory. {% hint style="info" %} There are also automated options for node setup. * If you are comfortable with Terraform, and choose to set up a gateway in AWS, you can [automate gateway setup](https://github.com/strongdm/terraform-aws-sdm-gateway). * Alternatively, if you prefer Docker, see our [Docker](/admin/networking/gateways-and-relays/docker-nodes.md) documentation. {% endhint %} ### Steps 1. Launch an EC2 instance: we recommend a t3.medium (2 vCPU, 4 GB RAM) with any Linux distribution. Modify the security group to allow your StrongDM clients to reach this server. By default this is port 5000 from all sources. This can also be a custom port from a private subnet depending on your network configuration. 2. Navigate to the StrongDM Admin UI. 3. ![](/files/SMLEq3R0GOPwbm7PdQ44)\ Go to **Networking** > **Gateways** and click **Add gateway**, or go to **Networking** > **Relays** and click **Add relay** 4. For a gateway, for **Advertised Host**, enter the hostname or IP address from the EC2 instance. The hostname that you provide should be either the public IPv4 address or the external DNS hostname (which will resolve to the public IPv4 address). Additionally, for **Advertised Port**, enter the port that you left open for the gateway to interact with StrongDM clients (by default, `5000`). 5. For a relay, name the relay. 6. Click **Create gateway** or **Create relay**. This generates a token **that is shown to you one time** that you'll need to use later in the installation process. Carefully copy the token and save it somewhere for later use. 7. Log in to the EC2 instance you created to host your gateway or relay. 8. Download the StrongDM binary: ```bash curl -J -O -L https://app.strongdm.com/releases/cli/linux ``` 9. Unzip it (if this is a new server, you may need to install a package to unzip archives, such as with `sudo apt-get install unzip` on Ubuntu distributions): ```bash unzip sdmcli_VERSION_NUMBER_linux_amd64.zip ``` 10. Install the node: {% tabs %} {% tab title="US" %} ```sh sudo ./sdm install --node ``` {% endtab %} {% tab title="UK" %} *Follow instructions in the tab for the region of your organization's StrongDM control plane, not your own location. The default control plane region is US.* ```sh sudo ./sdm install --app-domain app.uk.strongdm.com --node ``` {% endtab %} {% tab title="EU" %} *Follow instructions in the tab for the region of your organization's StrongDM control plane, not your own location. The default control plane region is US.* ```sh sudo ./sdm install --app-domain app.eu.strongdm.com --node ``` {% endtab %} {% endtabs %} ``` You will be prompted for the token you created; paste it in and hit enter. Note that the token won't show in the terminal for security purposes, similar to the masking of a password. ``` {% hint style="info" %} The installer must be run by a user that exists in the `/etc/passwd` file. Any users remotely authenticated, such as with LDAP or an SSO service, may fail to complete the installation. {% endhint %} 11. Switch back to the Admin UI **Gateways** or **Relays** page. The node you created should appear to be online and have a heartbeat. If it doesn't appear online, perform a hard refresh of your browser. Within a couple minutes, if it is still not online, verify that the StrongDM service is running by running `ps aux|grep sdm` on the server and looking for a line that says `sdm relay`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.strongdm.com/admin/networking/gateways-and-relays/ec2-nodes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.