Set up the Deadline Cloud monitor
To get started, you'll need to create your Deadline Cloud monitor infrastructure and define your farm. You can also perform additional, optional steps including adding groups and users, choosing a service role, and adding tags to your resources.
Step 1: Create your monitor
The Deadline Cloud monitor uses AWS IAM Identity Center to authorize users. The IAM Identity Center instance that you use for Deadline Cloud must be in the same AWS Region as the monitor. If your console is using a different Region when you create the monitor, you'll get a reminder to change to the IAM Identity Center Region.
Your monitor's infrastructure consists of the following components:
-
Monitor display name: The Monitor display name is how you can identify your monitor — for example AnyCompany monitor. Your monitor's name also determines your monitor URL.
Important
You can't change the monitor display name after you finish setting up.
-
Monitor URL: You can access your monitor by using the Monitor URL. The URL is based on the Monitor display name — for example https://anycompanymonitor.awsapps.com.
Important
You can't change the Monitor URL after you finish setting up.
-
AWS Region: The AWS Region is the physical location for a collection of AWS data centers. When you set up your monitor, the Region defaults to the closest location to you. We recommend changing the Region so it is located closest to your users. This reduces lag and improves data transfer speeds. AWS IAM Identity Center must be enabled in the same AWS Region as Deadline Cloud.
Important
You can't change your Region after you finish setting up Deadline Cloud.
Complete the tasks in this section to configure your monitor's infrastructure.
To configure your monitor's infrastructure
-
Sign in to the AWS Management Console to start the Welcome to Deadline Cloud setup, then choose Next.
-
Enter the Monitor display name — for example
AnyCompany Monitor. -
(Optional) To change the Monitor name, choose Edit URL.
-
(Optional) To change the AWS Region so it's closest to your users, choose Change Region.
-
Select the Region closest to your users.
-
Choose Apply Region.
-
(Optional) To add groups and users, select (Optional) Add groups and users.
-
(Optional) To further customize your monitor setup, select Additional settings.
-
-
If you are ready to Step 2: Define farm details, choose Next.
(Optional) Add groups and users
Before you complete Deadline Cloud monitor setup, you can add monitor users and add them to a group.
After setup is complete, you can create new users and groups, and manage users such as to assign them groups, permissions, and applications, or delete users from your monitor.
Additional settings
Deadline Cloud setup includes additional settings. With these settings, you can view all the changes Deadline Cloud setup makes to your AWS account, configure your monitor user role, and change your encryption key type.
AWS IAM Identity Center
AWS IAM Identity Center is a cloud-based single sign-on service for managing users and groups. IAM Identity Center can also be integrated with your enterprise single sign-on (SSO) provider so that users can sign in with their company account.
Deadline Cloud enables IAM Identity Center by default, and it is required to set up and use Deadline Cloud. The IAM Identity Center instance that you use for Deadline Cloud must be in the same AWS Region as the monitor. For more information, see What is AWS IAM Identity Center.
Configure service access role
An AWS service can assume a service role to perform actions on your behalf. Deadline Cloud requires a monitor user role for it to give users access to resources in your monitor.
You can attach AWS Identity and Access Management (IAM) managed policies to the monitor user role. The policies give users permissions to perform certain actions, such as creating jobs in a specific Deadline Cloud application. Because applications depend on specific conditions in the managed policy, if you don’t use the managed policies, the application might not perform as expected.
You can change the monitor user role after you complete setup, at any time. For more information about user roles, see IAM Roles.
The following tabs contain instructions for two different use cases. To create and use a new service role, choose the New service role tab. To use an existing service role, choose the Existing service role tab.
