ndexr — Streamlined Infrastructure for Applications

Overview

Start here to understand the current state of the console and the main work areas.

Administration and account

Administrative controls, account context, spend visibility, and internal tooling.

AWS backend setup

The core AWS credentials and supporting infrastructure needed before launch and server work.

Enter Your AWS Credentials

Provide your AWS Access Key and Secret Key here. This information is required to authenticate your AWS account with ndexr. Access IAM Console

How to find your keys: In the AWS Console, go to IAM > Users > your user > Security credentials . Click Create access key to generate a new pair. Copy both the Access Key ID and the Secret Access Key -- the secret is only shown once.

AWS Access Key

Your AWS Access Key ID identifies your AWS account and is used with your Secret Key.

AWS Secret Key

Your AWS Secret Access Key is used to authenticate requests to AWS services.

Actions

Once you've entered your AWS credentials, use the actions below to inspect or remove them.

Important: If you click 'Delete', your credentials will be permanently removed, and ndexr will no longer be able to communicate with your AWS account.

Note: You can only have one set of AWS credentials at a time.

New Key Pair

Provide a name for your new key pair. This key pair will be used to securely access your EC2 instances.

A key pair is how you prove your identity when connecting to your server over SSH. Instead of a password (which can be guessed or brute-forced), AWS generates a cryptographic key pair -- a public half stored on the server and a private half you download as a .pem file. Keep the .pem file safe; anyone who has it can log in, and AWS cannot recover it if lost.

Key Pair Name

Tip: Use a meaningful name to easily identify your key pair.

After creating, download the .pem file immediately and store it securely. AWS does not keep a copy of the private key -- if lost, you will need to create a new key pair.

Key Pairs

Use this section to manage your existing key pairs. You can retrieve, delete, or update your key pairs as needed.

Launch environment

Prepare and start a new server workflow.

Launch

Pre-launch checklist. Make sure your AWS credentials are set and you have at least one key pair, security group, and hosted zone configured. Zeroes below mean something is missing.

Credentials

Key Pairs

Security Groups

Hosted Zones

If any value is zero, go to the Workspace tab to set up AWS credentials, key pairs, and security groups before launching.

Configure the basics for your EC2 instance. Pick the key pair you will SSH with, the security group that controls network access, an AMI to boot from, and a machine size.

Server Name

A friendly name to identify this server in your list.

Key Name

The SSH key pair used to log in to this server. Create one under Workspace if none exist.

Security Group

The firewall rules controlling which ports are open. Create one under Workspace if none exist.

AMI

The machine image (operating system) to boot from. Ubuntu 24.04 LTS is recommended for most use cases.

Instance Type

T series (t3.*) -- burstable, cheapest for intermittent workloads. M series (m5.*) -- balanced CPU/RAM for general use. C series (c5.*) -- extra CPU for compute-heavy tasks. R series (r5.*) -- extra RAM for memory-heavy tasks.

Instance Storage (GB)

EBS disk size in GB. 50 GB is enough for a basic server; 300 GB suits heavier data work. You are billed for provisioned storage whether used or not.

Cost reminder: AWS charges by the hour for running instances. Larger instance types and more storage cost more. Stop or terminate servers you are not using to avoid unexpected charges.

Choose which ports to open on your security group before launch. Rules are only added if they are not already present -- safe to re-run. For most web servers, open 22 (SSH) and 443 (HTTPS) .

Open Common Ports

22 / SSH

80 / HTTP

443 / HTTPS

22 / SSH -- required to log in and manage your server from the terminal.
80 / HTTP -- unencrypted web traffic. In most setups you should redirect to HTTPS instead of serving on port 80 directly. Leave unchecked unless you have a specific reason.
443 / HTTPS -- encrypted web traffic. This is the standard for any public-facing site or API.

Notes

Each port you open is a door into your server visible to the entire internet. Only open what you actually need. You can always add more rules later under Workspace .

The user-data script runs once when the instance first boots. Pick a template or write your own. The script executes as root.

Template

General -- installs common tools and runs apt update/upgrade. Bare -- empty script, boots with no changes. Docker -- installs Docker and enables the service. Custom -- write your own from scratch. Gentoo Prefix -- Gentoo package manager on RHEL.

Script

Before you launch. Double-check the key pair, security group, AMI, instance type, storage, and boot script on the previous tabs. The server will begin starting immediately and you will be billed by AWS for the running time.

Go to the Servers tab after launching to manage the instance. It may take 1-2 minutes for the instance to become available.

AMI library

Available images and launch foundations.

Amazon Machine Images (AMIs)

Create an image from an instance and manage images you already own.

An AMI is a complete snapshot of your server's disk -- the OS, installed software, and your configuration. Once captured, you can launch a new instance from it in minutes instead of rebuilding from scratch. Use AMIs for disaster recovery, cloning identical environments, or sharing a pre-built setup with others.

Create from Instance

Pick a running or stopped instance and create an image with NoReboot=TRUE.

My Images

Elastic IPs

Network addresses available for assignment and routing.

Elastic IPs

Allocate, associate, and manage public IP addresses.

An Elastic IP is a static public address that stays the same even when you stop and restart your server. Without one, your server gets a new random IP every time it boots, which breaks DNS records and bookmarks. AWS charges a small hourly fee (~$0.005/hr) for Elastic IPs that are not associated with a running instance -- this discourages hoarding unused addresses. Associate it with your server and the fee goes away.

Current servers

Inspect and manage the servers already under control.

Domains and routing

Attach domains and handle addressable public entry points.

Purchase a Domain

A domain name is the human-readable address (e.g. example.com) that points to your server's IP. Once registered, you create DNS records that map the domain to your Elastic IP so visitors reach your server by name instead of memorizing a number. Registration is annual and pricing varies by TLD (.com, .io, etc.).

Registration is billed annually by AWS through your connected account. Pricing varies by TLD: .com ~$12 , .net ~$11 , .org ~$12 , .io ~$39 , .co ~$25 , .us ~$8 per year. Privacy protection is enabled by default to keep your contact details out of WHOIS.

Contact Type

Choose Person for individual registrations. Use Company or Organization if registering on behalf of a business.

Organization Name

First Name

Last Name

Email Address

Dialing Code

Phone Number

Address Information

Address Line 1

City

State / Province

Country Code

Zip / Postal Code

Domain Name

Enter the full domain including TLD (e.g. mysite.com). Availability and price will appear below.

Billing and subscription

Manage subscription and payment-related settings.

Overview

Administration and account

AWS backend setup

AWS Secrets

Enter Your AWS Credentials

Actions

New Key Pair

Key Pairs

Launch environment

Launch

AMI library

Amazon Machine Images (AMIs)

Elastic IPs

Elastic IPs

Current servers

Domains and routing

Purchase a Domain

Address Information

Billing and subscription

Let's Talk

Tell us what you need and we will follow up shortly.

What can we help with?

Name

Email

Phone

Message

Please include enough detail for a useful reply.

Let's Talk