AWS Cloud Beta Getting Started Guide

Trying out our new platform is an entirely new experience and there are a couple of new concepts that we’d like to introduce. This guide will walk you through the full signup process and provide more detail on the new concepts.

Creating an account

Since this platform uses a new authentication and authorization system, you’ll need to create a new account, even if you’re a current ObjectRocket customer. At this time, logins for the existing and Beta service will remain completely separate.

1. Sign up

Start at and click Sign Up.


Whether you’re a new or existing customer, you will need to create a new account. However, if you are an existing customer we will be able to link your billing later. Just reach out to our support team and they’ll set you up.

Since we are in Beta, you must agree to the Beta test terms. Because there is no official SLA for uptime and support at this time, this launch is for test workloads only.

2. Verify your email address

Once you hit the email verification screen, you’ll get an email in your inbox from ObjectRocket Support with a link to verify your email address. Click the link in your email to continue the process.

3. Create an organization


The next step is to create an organization. Many customers have requested the ability to have multiple logins to an account with various levels of access. This type of Role-Based Access Control (RBAC) has been on our databases for quite a while, but we’re now introducing it to your management interface. Organizations are our way of grouping users together.

In the future, you will be able to add additional users and consolidate communications using this organization.


  • Contact Email: We’ll use this email to contact your company for support purposes. If you’re a single user, you can just use your login email.
  • Organization Name: You can name your organization anything you want and you can change it later. If you’re part of a company that will take advantage of RBAC in the future, use your company or division name. If you’re just a single user, use your name, or any identifier you want.
  • Phone Number: This is the phone number we’ll use to contact you for billing or support questions if we can’t get a hold of you via email.

4. Enter Payment Information

Next up is payment information. New accounts come with a $200 credit that can be used to evaluate the service, but we gather payment information now so there aren’t any disruptions should you decide to continue on the service after the credit is used up.

If you’re currently an ObjectRocket customer, you can stop here and contact support. We can link your two accounts so you don’t need to enter payment information again.

After that, you’re in!


Welcome to Mission Control!

Our user interface, called Mission Control, is what you’ll use to manage, monitor, and view your databases, as well as contact support.

Currently, all major functions of the service are available in the UI, but we will continue to add additional features and capabilities.

However, if you’d like an introduction to our new product API, continue on to the next section.

Using the API

Though the API is the only option for some features during Beta, it will always be available to perform management tasks, even after Mission Control is fully built out. The full list of supported API requests as well as an Insomnia template is available at

1. Attach the token to API requests


If you’re using Insomnia, you can provide the API Token via an “Api-Token” header, which should work fine, but what we’ve done in our downloadable template is created a token variable that you can set in your environment, like so:

_images/api_env.png _images/api_env_tok.png

From there, you can use the token throughout insomnia by just typing: {{token}}. However, if you’re not an Insomnia user, here’s what the header looks like in curl:

curl --header "Api-Token: put_your_token_here"

The setup should be similar in other REST clients.

2. View service catalog

The service catalog will tell us what services and options are available in the Beta. If you just want to jump to creating an instance, you can skip this step and go right to step 3.


Above you can see the “Elasticsearch” service is available. Let’s see what serviceSubtypes are available for it by using the “service” query parameter to filter:


As you can see, there’s one subtype called elasticsearch_multirole.

Finally, let’s look at what versions are available for that service and subtype, once again using query parameters to filter:


You can see that we have a few versions available at this time and will continue to expand that list. This is generally how the catalog will work when you want to see the options for creating an instance.

3. Create an instance

If you’re using the Insomnia template, you can use the “Create Elasticsearch Instance” call to create, which provides you with a basic configuration. Below is an example of a basic payload for the create call.

POST /instances/elasticsearch/
   "plan": "Standard_48GB",
   "name": "my_instance_name",
   "version": "6.5.3",
   "region": "us-east-1",
   "provider": "AWS",
   "service": "Elasticsearch",
   "serviceSubtype": "elasticsearch_multirole",
   "features": {
      "addons": {
         "kibana": true,
         "cerebro": true
   "acls": [{
      "name": "ElasticsearchACL",
      "cidr": "",
      "kind": 2
   }, {
      "name": "KibanaACL",
      "cidr": "",
      "kind": 4
   }, {
      "name": "CerebroACL",
      "cidr": "",
      "kind": 5

Other than the “name”, which can be whatever you want it to be, the whole top section are the options returned by the catalog; You can fill those with whatever catalog selections you want.

Next is the features section. For now, this is used to specify that you want a Kibana and Cerebro dashboard with your instance. In the future, there will be more options.

Add ACLs

Finally, you’ll want to add ACLs to your instance. By default, all access to the instance is blocked, so you must specify which IPs and ranges to allow. Also, note that Elasticsearch, Kibana, and Cerebro all have separate ACLs specified by the “kind” field, so you can limit access to each of those individually. Set these to the IPs that you’ll need to access the service from. If you’re just trying to connect from your local machine, make sure you’re using your external IP address. There are plenty of services that can return this IP for you, or you can just Google “What’s my IP” and the first result should be your IP. You can always add or modify these later, if you wish.

Once your create payload is ready, provide it with a POST to /instances/elasticsearch/ along with your token.

4. View active instances

While our instance is being created, we can check the status and see other active instances via the /instances/elasticsearch/ endpoint.

GET /instances/elasticsearch/

   "id": "00000000-0000-0000-0000-000000000000",
   "name": "my_instance_name",
   "service": "Elasticsearch",
   "hosts": [],
   "features": {
      "addons": {
         "kibana": true
   "settings": {},
   "acls": [],
   "statusDisplay": "Create Requested",
   "namespace": "00000000-0000-0000-0000-000000000000",
   "url": "/instances/00000000-0000-0000-0000-000000000000/",
   "metadata": {},
   "dtCreated": "2019-03-08T04:17:46.120780Z",
   "dtModified": "2019-03-08T04:17:49.246328Z",
   "dtDeleted": null,
   "provider": "AWS",
   "version": "6.4.0",
   "clusterID": "11111111-1111-0000-0000-000000000000",
   "encrypted": false,
   "requested": "2019-03-08T04:17:49.246344Z",
   "completed": null,
   "stripeSubscriptionId": null,
   "lastTransactionId": "11111111-1111-1111-0000-000000000000",
   "status": 4,
   "organization": "11111111-1111-0000-0000-111111111111",
   "region": "us-east-1",
   "serviceSubtype": "elasticsearch_multirole"

While waiting for the cluster to build, keep your eye on the the statusDisplay field. The statusDisplay field will report “Ready” when the cluster is done creating.

Once you’re in the “Ready” state, the hosts field will be populated with an fqdn and port for each active service (Elasticsearch, Kibana, and/or Cerebro).

You can connect to any of them by connecting to https://<fqdn>:<port> , but first you’ll need to create a user in Elasticsearch

5. Create a user

In order to connect to any instance on the ObjectRocket service, you’ll need an open ACL and a valid user. We took care of the ACLs in the last step, during the create call, but we’ll create the user with a separate call to the /instances/elasticsearch/<id>/users/ endpoint. You’ll replace <id> with the “id” field returned in the instance list

POST /instances/elasticsearch/<id>/users/
   "username": "myawesomeusername",
   "password": "supersecretpassword",
   "roles": ["admin"]

This will create an admin user that can read and write all indexes as well as use Kibana. We also have readonly and kibana roles. You should receive a 202 response and now you can connect to your instance.

Wrapping up

That’s a quick primer on using our API and getting an instance going on our new platform. There’s much more to come, but this can get you up and running. You can learn more in our API Docs. As always, feel free to reach out to our support team if you have any questions.