# AWS Stream deployment ### AWS Stream Deployment The Stream software is available as an Amazon Machine Image along with an Amazon CloudFormation template that enables easy deployment as follows: * Browse to the AWS Marketplace Subscriptions service on the AWS console. ![](/files/zUTahiYEtyw5FLraTrV1) * Click Discover products and search for **Vectra**. ![](/files/dQ0ermAi8X7tizfPA7u2) * Select **Vectra Stream Connector**. ![](/files/Yg70GQYuIlJuCfxKyobQ) * Click **Continue to Subscribe**. * There is no additional cost for this step. * All Vectra licensing is handled in your Vectra UI. ![](/files/iT8FNd9WZRmYKHJ85s6u) * Click **Accept Terms**. ![](/files/jGo6CbqmgQB0BUieLqD3) * AWS will process the subscription before enabling next steps. * Once completed, AWS will allow you to **Continue to Configuration**. ![](/files/p4O22rmOMlidpJunQl93) * Select the region to deploy the Sensor in. * Click **Continue to Launch**. ![](/files/mF1q5kh3UfI7HI9eCfUU) * Under Choose Action, select **Launch CloudFormation**. * Click **Launch**. * You will be presented the CloudFormation screen pre-populated with the Template and S3 URL for the Vectra Stream AMI. ![](/files/hrU9YAe8F77aJJPpuM1B) * Click **Next**. ![](/files/euKlTLdXV9ISxuHGEfDd) * If you have not already created an EC2 key pair to use with this Stream deployment, please do so before proceeding with the CloudFormation steps below. * The private key from this key pair will allow you to SSH to the CLI of Stream as the `vectra` user. During this process you will be asked to fill in the following fields: * **Stack name** - This is a collective name for all the AWS resources that will be deployed as part of Stream. * The Stack name can contain letters, numbers, and dashes only and cannot conflict with any other existing stacks. * **baseName** - This name will be prepended to the individual resources that are deployed for the template. * **brainIP** - The IP address or the Fully Qualified Domain Name (FQDN hostname) of the Vectra Brain. * This address must be reachable from the Sensor’s management subnet over port 22 and 443. * **instanceType** - Select from the options offered. * The **c5.xlarge** is rated for up to 5 Gbps of traffic. * The **c5.2xlarge** is rated for 5 to 10 Gbps of traffic. * The **c5.4xlarge** is rated for up to 20 Gbps of traffic. * **mgtSecurityGroup** - This setting determines what access is permitted for Stream. * If left blank, the template will auto-create a security group, and rules must be added after. * If there is an existing security group, add it here. * This security group must allow inbound TCP/22 from the Brain and allow outbound TCP/443 and TCP/22 to the Brain for management. * **mgtSubnet** - This specifies the subnet which Stream will use to communicate with the Brain. * **mgtVPC** - This specifies the VPC where the management interface of Stream is located. * **registrationToken** - This token must be copied from the Vectra UI. * The token is valid for 24 hours and can be regenerated on-demand. * A valid registration token must be presented by Stream in order to pair with the Brain. * Instructions to generate a Sensor registration token are shown in [Cloud Sensor Registration Token](#cloud-sensor-registration-token). * Stream pairs and communicates like a Sensor so “Sensor” language is sometimes used when referring to Stream. * **sshKey** - AWS recommends use of the EC2 key pair feature to manage access to Stream. * This field allows the user to add an authorized key pair for logging into Stream’s command line interface with the `vectra` user. * This key pair should have been created previously. * Select your key pair. * This private key will need to be used during SSH login to the CLI of Stream as the `vectra` user. * **tenancy** - Tenancy attribute for the AWS instance. * Click **Next**. * All fields in the next screen are optional - You may wish to configure tags as an example. ![](/files/DA6N2BciUj4tMDHtJQ42) * Click **Next**. ![](/files/NGa4LiJvjsIp5o0UXZEV) * Click **Create Stack**. * At this point, the stack creation should proceed through to completion. * Once the stack is created, Stream will reach out to the Vectra Brain and attempt pairing. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.vectra.ai/deployment/stream/deployment/aws-stream-deployment.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.