Automate BigFix Evaluation setup on AWS Free Tier

I would like to see the automation of the setup and configuration of a BigFix Evaluation Root Server on AWS. This would be extremely useful for Development, Testing, and PoC.

The AWS Free Tier provides enough resources to run a BigFix Root Server for a small number of clients without cost, which is very impressive and useful. I have been running a BigFix Root Server this way for the past 2 weeks and it has worked well for my use case. So far I have a total bill of $0.46 for Data Transfer, which might be reduced with a better configuration of AWS, but is fairly inconsequential.

I don’t have a lot of experience with AWS, but the setup of the EC2 instance, RDS instance, VPC security groups, and most needed configuration should be completely automatable through a CloudFormation Template, which would make this very easy to get up and running. Even better would be to automate the installation of the BigFix Root Server software and as much default configuration as possible, which should also be possible through the template (WebReports, BigFixMeSync, WebUI, etc.).

The AWS Free Tier provides the following resources (they need to be in the same AWS availability zone to reduce Data Transfer costs):

1 t2.micro VM running Windows Server 2012 R2 base

  • 1 GB of RAM (EC2)
  • 1 CPU core (EC2)
  • 30 GB SSD storage (EBS)

1 RDS instance running SQL Server Express

  • 20 GB of SSD database storage (RDS)

Data Transfer

  • 15 GB/month of bandwidth out aggregated across all AWS services ($0.09 per GB above 15 GB)
  • Unlimited bandwidth in (unless using public or elastic IP or between AWS in different availability zones)

The 30 GB of SSD storage is a bit light, particularly for caching software downloads.

The amount of space that the Windows 2012 R2 base image takes up can be reduced by running the following command (extremely slow due to only having 1 CPU):

Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase

This will provide a bit more breathing room on the VM.

It should also be possible to configure a top level relay that runs outside of AWS and is configured to handle direct internet downloads of software instead of the root server running in AWS, which would reduce the storage needs of the VM running in AWS.

Related: Move content downloading to a Relay

.NET 3.5 is required for the BigFixMeSync plugin, and possibly others.

Desktop Experience is required for Win2012 R2 if you are going to use the console on the VM and use Flash-based dashboards.
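
A CloudFormation template for the layout described in this post, as an added example that is not part of the original post and not an official BigFix or AWS template. All parameter and resource names are assumptions, as are the db.t2.micro class and the bigfixadmin login; 52311 is the BigFix default port, and the database is reachable only from the root server's security group and is kept in the same availability zone as the VM.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:                                     # all names here are assumptions of this example
  VpcId: {Type: 'AWS::EC2::VPC::Id'}
  SubnetId: {Type: 'AWS::EC2::Subnet::Id'}
  DbSubnetGroupName: {Type: String}             # existing DB subnet group covering the VM's AZ
  WindowsAmiId: {Type: 'AWS::EC2::Image::Id'}   # Windows Server 2012 R2 base AMI for your region
  KeyName: {Type: 'AWS::EC2::KeyPair::KeyName'}
  AdminCidr: {Type: String}                     # where RDP is allowed from
  ClientCidr: {Type: String}                    # where BigFix clients and relays connect from
  DbPassword: {Type: String, NoEcho: true, MinLength: 8}
Resources:
  RootServerSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: BigFix root server
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        # BigFix default port, limited to the client range
        - {IpProtocol: tcp, FromPort: 52311, ToPort: 52311, CidrIp: !Ref ClientCidr}
        # RDP, limited to the admin range rather than 0.0.0.0/0
        - {IpProtocol: tcp, FromPort: 3389, ToPort: 3389, CidrIp: !Ref AdminCidr}
  DatabaseSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SQL Server reachable only from the root server
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: 1433, ToPort: 1433, SourceSecurityGroupId: !GetAtt RootServerSG.GroupId}
  RootServer:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: !Ref WindowsAmiId
      KeyName: !Ref KeyName
      SubnetId: !Ref SubnetId
      SecurityGroupIds: [!GetAtt RootServerSG.GroupId]
  Database:
    Type: AWS::RDS::DBInstance
    Properties:
      Engine: sqlserver-ex                      # SQL Server Express
      DBInstanceClass: db.t2.micro              # assumed Free Tier class
      AllocatedStorage: '20'
      MasterUsername: bigfixadmin               # hypothetical login name
      MasterUserPassword: !Ref DbPassword
      PubliclyAccessible: false
      AvailabilityZone: !GetAtt RootServer.AvailabilityZone   # same AZ as the VM
      VPCSecurityGroups: [!GetAtt DatabaseSG.GroupId]
      DBSubnetGroupName: !Ref DbSubnetGroupName
```

Installing the BigFix Root Server software itself is not covered here; that step would go in the instance's UserData.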