Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Database Performance Analyzer (DPA) > DPA - Knowledgebase Articles > Launch SolarWinds DPA on Amazon Web Services (AWS) on a Linux AMI

Launch SolarWinds DPA on Amazon Web Services (AWS) on a Linux AMI

Amazon Marketplace lets users easily provision software in Amazon Web Services (AWS) with a few clicks in a few minutes. See the following sections to get started using DPA in AWS:

Differences between AWS and self-managed servers

  • Subscription licensing

    Use the following instructions to launch DPA on AWS and use subscription licensing. As you register databases and monitor them, DPA charges your Amazon Subscription through the AWS Metering Service. DPA charges are based on the number of database instances you monitor each hour. See the AWS Marketplace for details and pricing.

    If you want to use individual DPA licenses in the Amazon cloud, you can deploy an EC2 instance, install DPA, and apply your licenses. You cannot use both individual DPA licenses and a subscription on a single DPA server.

  • Different default ports

    You can access the SolarWinds DPA user interface on the standard HTTP port 80 and HTTPS port 443. The firewall settings have been set to allow inbound HTTP and HTTPS traffic.


Before you launch DPA on AWS, you must:

  • Have an AWS Marketplace account.
  • Install the DPA repository database, or identify an existing database to use as the repository. Make sure:

EC2 Requirements

The EC2 instance containing the DPA server must meet the following requirements.

Requirement Details
IAM role permission

An IAM role with the aws-marketplace:MeterUsage permission must be associated with the EC2 instance. This permission allows the role to contact the Metering Service API and record usage.

A user with rights to define and assign roles can create the role in either of the following ways:

  • Create the role on the Configure Instance Details panel of the wizard (see the installation instructions below).
  • Manually create the role. See Creating an IAM Role (© 2017 Amazon Web Services, available at, obtained on December 8, 2017).

To get the aws-marketplace:MeterUsage permission, attach the AWS managed policy AWSMarketplaceMeteringFullAccess to the role.

If a role with the required permissions is not associated with the EC2 instance, DPA reports issues with metering service availability. DPA monitoring will stop if the issue is not addressed.

For more information, see:
Access to the metadata URL

The EC2 instance must have HTTP connectivity to, which is a local IP address accessible only from within Amazon instances. The following specific endpoints must be reachable from the EC2 instance:

To validate that the EC2 instance can access the metadata service, execute the following command:


The command returns a list of available metadata items.

For more information, see Retrieving Instance Metadata (© 2017 Amazon Web Services, available at, obtained on December 8, 2017).

Access to the metering service

The EC2 instance must be able to reach the AWS Metering Service (MeterUsage API). The URL is:


The region depends on where you deploy the EC2 instance with DPA. For example:

To be able to launch DPA, you must have an Internet gateway configured. The Metering Service has an endpoint on the public Internet. To access the Metering Service, your VPC (Virtual Private Cloud) must be configured to allow an outbound HTTPS connection to the public Internet.

For more information, see (© 2017 Amazon Web Services, available at, obtained on December 8, 2017).

To validate that the EC2 instance can connect to the Metering Service, execute the following command:

curl https://metering.marketplace.{region}

Replace {region} with the region where your EC2 instance is running.

You should receive a MissingAuthenticationException response from the server. This response is expected and valid.

Access to the DPA repository database server

The EC2 instance must be able to access the database server that holds the DPA repository database.

For more information, see the Amazon Virtual Private Cloud (VPCs) and Amazon RDS documentation (© 2017 Amazon Web Services, available at, obtained on December 8, 2017).

Launch SolarWinds DPA

  1. Log in to the AWS Marketplace.
  2. Enter SolarWinds DPA in the search field, and then select Database Performance Analyzer - Subscription (Linux) from the results list.


    Product information is displayed.

  3. Click Continue.

  4. Click Accept Software Terms, and then click Return to Launch Page.

  5. Under Launch, locate the Amazon EC2 region in which you want to launch the instance, and then click the Launch with EC2 Console button associated with that region.

    SolarWinds recommends selecting a region that contains the database instances that you will monitor with DPA.


  6. On the Choose Instance Type panel:

    1. Select an instance type that is at least a t2.medium.

      The t2.medium type is an economical and logical size to start with. However, if you are monitoring larger numbers of database instances or very active database instances, you will need the increased resources and optimizations offered by larger instance types. You can select the size you need now, and then resize to a larger instance type later if necessary.

      For more information on changing the instance size, see this article from Amazon (© 2017 Amazon Web Services, available at, obtained on October 10, 2017).

    2. Click Next: Configure Instance.

  7. On the Configure Instance Details panel:

    1. Select a Network and Subnet, or accept the default.

      If you've used Amazon EC2 before, you probably already have an Amazon VPC network and subnet set up. Your existing network and subnet will be selected here by default.

    2. Enable Auto-assign public IP so you can connect to SolarWinds DPA from your desktop.

    3. Configure any other settings to suit your network or subnet requirements.


    4. Select a role with the required permission (see the Requirements section for more information):
      • If a role has already been created, click Choose an existing IAM role and then select the role.

      • If your account has permissions to create roles, you can automatically create a role with the required permissions (just enter a name).

        If necessary, contact your administrator and have your administrator set up an account with the correct permissions.


    5. Click Next: Add Storage.
  8. On the Add Storage panel:

    1. Verify the Size. SolarWinds recommends 20 GB.

      This size is for the DPA instance only. It does not include the DPA repository.


    2. SolarWinds recommends not selecting Delete on Termination. Separately deleting the data volume after terminating an instance is a good precautionary practice.


    3. Click Next: Add Tags.
  9. On the Add Tags panel, create a tag to more easily recognize this Amazon EC2 resource:

    1. Click Add Tag.

    2. Under Key, enter Name.

    3. Under Value, enter SolarWinds DPA.


    4. Click Next: Configure Security Group.

  10. On the Configure Security Group panel:

    1. Add rules that allow inbound access to at least remote desktop and the HTTP/HTTPS ports:

      Type Protocol Port Range
      SSH TCP 22
      HTTP TCP 80
      HTTPS TCP 443
    2. If you want to restrict access to DPA to just your current IP address, change the Source for these rules to My IP. Leaving Source as Anywhere is less secure.
    3. If you want to restrict access to DPA to just people in your organization, select Custom IP and specify an IP range in CIDR notation that matches the external IP addresses used in your organization.
    4. Click Review and Launch.
  11. On the Review Instance Launch panel:

    1. Review your instance options.

    2. Click Launch.

  12. Create or select the key pair that provides security for your AMI instance.

    Do not select Proceed without a key pair.

    • To create a new key pair:
      1. Select Create a new key pair.


      2. Enter a Key pair name.
      3. Click Download Key Pair.
      4. Store this file in a secure and accessible location.
    • To choose an existing key pair:
      1. Select Choose an existing key pair.


      2. Select a secure and accessible key pair.
      3. Accept the acknowledgment.
  13. Click Launch Instances.
  14. Wait a few minutes for the provisioning and initialization to finish.


Launch SolarWinds DPA

You can access your SolarWinds DPA server with its host name or IP address.

  1. On the Amazon EC2 Instances page, find the public DNS or public IP of your new SolarWinds DPA server.


  2. Open a web browser and enter the host name (Public DNS) or IP address of your new SolarWinds DPA server as the URL. 
  3. The first time you log in:
    1. Configure the DPA repository database.
    2. Agree to the EULA.
    3. Select your time zone.
    4. Start registering databases.

Register databases for monitoring


Your SolarWinds DPA server must be able to connect to the databases that you want to monitor. Make sure that the security group of your databases allows SQL traffic from your EC2 instance running SolarWinds DPA.

If you encounter difficulty connecting to databases or RDS instances from your SolarWinds DPA server, see SolarWinds DPA Technical Reference: Solving Amazon EC2 and RDS Connectivity Problems.

To register databases, click Register DB Instance for Monitoring. For more information, see Register a database instance for monitoring.

How to access your EC2 instance

You can connect to the Linux AMI using SSH (make sure the firewall allows the SSH port). Authentication is based on a public key. For example:

ssh -i <your_key_pair.pem> <your_ec2_instance>

You can create a new public key or use one already generated for multiple VMs during the AMI deployment process.

Last modified