Deploy on AWS
Treasury can easily be deployed within your GCP cloud. It will be co-hosted with Cordial Systems, meaning Cordial Systems will deploy a node in their infrastracture to help secure your node via MPC and distributed policy enforcement (e.g. 2/2 or 3/4 threshold arrangement).
Deploy a VM using Treasury image
Use the latest version of our Treasury listing on AWS marketplace.
We maintain the VM image source in an open source repo.
Access Panel UI
Next we need to be able to access the "Panel UI" of Treasury to proceed with the setup.
Setup IAM rule
We need to setup an AWS Role for the EC2 instance that allows us to setup a port forward to the Panel UI.
Create a new IAM Role that attaches to the AWS maintained AmazonSSMManagedInstanceCore policy.
- Create Role
- AWS Service
- EC2 Use case
- Attach
AmazonSSMManagedInstanceCorepolicy.
Now update your EC2 instance to have the role you just created and then restart it.
Port forward
You can open the port forward by running this command. You will need to be authenticated (have your AWS_* env vars set).
aws ssm start-session \
--target YOUR_INSTANCE_ID \
--region YOUR_REGION \
--document-name AWS-StartPortForwardingSession \
--parameters '{"portNumber":["7666"], "localPortNumber":["7666"]}'
You can then launch the UI by visiting http://127.0.0.1:7666.
Activation
Using the Panel UI, you can now activate your Treasury instance. This securely pairs it with the Treasury node(s) running in Cordial Systems infrastructure.
To proceed, you need to provide an activation key, which you need to get from Cordial Systems.
As part of activation, you'll also setup your backup encryption keys, as well as configure initial "root" or "co-root" users.