AWS Ground Station

(1)

AWS Ground Station

User Guide

(2)

AWS Ground Station: User Guide

Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be aﬃliated with, connected to, or sponsored by Amazon.

(3)

What Is AWS Ground Station?

AWS Ground Station is a fully managed service that enables you to control satellite communications, process satellite data, and scale your satellite operations. This means that you no longer have to build or manage your own ground station infrastructure.

AWS Ground Station enables you to focus on innovating and rapidly experimenting with new applications that ingest satellite data and dynamically scale your server and storage use, rather than spend resources on operating and maintaining your own ground stations.

(6)

Data Delivery to Amazon S3

How AWS Ground Station Works

A satellite reservation is also known as a contact. Your satellite communicates with an AWS Ground Station antenna during contacts. You can reserve contacts through an API or through the AWS console by specifying location, time, and mission information. Your contact data can be streamed to and from an Amazon Elastic Compute Cloud (Amazon EC2) instance or delivered asynchronously to an Amazon Simple Storage Service (Amazon S3) bucket in your account.

You can create extensible and reusable configuration resources so that you have control over how AWS Ground Station antennas are configured during your contacts. Using mission profiles, you can specify where data is coming from, what its format should be, and where to send it.

Data Delivery to Amazon S3

With data delivery to Amazon S3, your contact data is delivered asynchronously to an Amazon S3 bucket in your account. Your contact data is delivered as packet capture (pcap) files to allow replaying the contact data into a Software Defined Radio (SDR) or to extract the payload data from the pcap files for processing. The pcap files are delivered to your Amazon S3 bucket every 30 seconds as contact data is received by the antenna hardware to allow processing contact data during the contact if desired.

Once received, you can process the data using your own post-processing software or use other AWS services like Amazon SageMaker or Amazon Rekognition. Data delivery to Amazon S3 is only available for downlinking data from your satellite; it is not possible to uplink data to your satellite from Amazon S3.

Data Delivery to Amazon EC2

With data delivery to Amazon EC2, your contact data is streamed to and from your Amazon EC2 instance.

You can process your data in real-time on your Amazon EC2 instance or forward the data for post- processing.

(7)

More Information

With AWS Ground Station you can access more than 125 services via satellite communications. Note the following:

• You can receive narrowband RF data in S-band (2200 to 2300 MHz) or X-band (7750 to 8400 MHz) at bandwidths up to 54 MHz.

• S-Band RF data is digitized and provided as a digital stream in VITA-49 Signal Data/IP format.

• X-Band intermediate frequency (IF) data is digitized and provided as a digital stream in VITA-49 Signal Data/IP format.

• You can receive wideband demodulated/decoded data in X-band (7750 to 8400 MHz) at bandwidths up to 500 MHz

• X-Band intermediate frequency (IF) data is demodulated, decoded, and provided as a digital stream in VITA-49 Extension Data/IP format.

• You can transmit RF data in S-Band (2025 to 2120 MHz) at bandwidths up to 54 MHz.

• The RF data is provided to AWS Ground Station as a digital stream in VITA-49 Signal Data/IP format.

• You must run AWS Ground Station from an AWS Region that supports AWS Ground Station. To see a list of supported regions, see the global infrastructure Region Table.

• You can deliver data to an Amazon EC2 instance running in the same region as the antenna, or you can use cross-region data delivery to send your data from an antenna to an Amazon EC2 instance in your preferred AWS Region. The following antenna-to-destination regions are currently available:

• US East (Ohio) Region (us-east-2) to US West (Oregon) Region (us-west-2)

• US West (Oregon) Region (us-west-2) to US East (Ohio) Region (us-east-2)

Service Terms

You may only use the Services to store, retrieve, query, serve, and execute Your Content that is owned, licensed or lawfully obtained by you. As used in these Service Terms, (a) "Your Content" includes any

"Company Content" and any "Customer Content" and (b) "AWS Content" includes "Amazon Properties."

As part of the Services, you may be allowed to use certain software (including related documentation) provided by us or third-party licensors.

Important

This software is neither sold nor distributed to you and you may use it solely as part of the Services. You may not transfer it outside the Services without speciﬁc authorization to do so.

Core Components

Dataflow endpoint groups, configs, and mission profiles are core components of AWS Ground Station.

These components determine how you schedule your contacts, how the antennas communicate with your satellites, and where your data is delivered. Before getting started with AWS Ground Station, we recommend that you learn about these components. Examples are provided in their respective sections.

Topics

• Dataﬂow Endpoint Groups (p. 4)

• Conﬁgs (p. 4)

• Mission Proﬁles (p. 9)

(8)

Dataﬂow Endpoint Groups

Dataflow endpoints define the location where you want the data to be streamed to or from during contacts. The endpoints are identified by a name of your choosing when executing contacts. These names do not need to be unique. This allows multiple contacts to be executed at the same time using the same mission profile.

The endpoint list address consists of the following:

• name - IP address of this dataﬂow endpoint.

• port - The port to connect to.

The security details of an endpoint consist of the following:

• roleArn - The Amazon Resource Name (ARN) of a role that AWS Ground Station will assume to create Elastic Network Interfaces (ENIs) in your VPC. These ENIs serve as the ingress and egress points of data streamed during a contact.

• securityGroupIds - The security groups to attach to the elastic network interfaces.

• subnetIds - A list of subnets where AWS Ground Station places elastic network interfaces to send streams to your instances.

Dataflow endpoints are always created as part of a dataflow endpoint group. By including multiple dataflow endpoints in a group, you are asserting that the specified endpoints can all be used together during a single contact. For example, if a contact needs to send data to three separate dataflow

endpoints, you must have three endpoints in a single dataflow endpoint group that match the dataflow endpoint configs in your mission profile.

When one or more resources in a dataflow endpoint group is in use for a contact, the entire group is reserved for the duration of that contact. You may execute multiple contacts concurrently, but those contacts must be executed on different dataflow endpoint groups.

See the following documentation for more information about how to perform operations on dataﬂow endpoint groups using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::DataﬂowEndpointGroup CloudFormation resource type

• Dataﬂow Endpoint Group AWS CLI reference

• Dataﬂow Endpoint Group API reference

Conﬁgs

Configs are resources that AWS Ground Station uses to define the parameters for each aspect of your contact. Add the configs you want to a mission profile, and then that mission profile will be used when executing the contact. You can define several different types of configs.

See the following documentation for more information about how to perform operations on configs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API. Links to documentation for specific config types are also provided below.

• AWS::GroundStation::Conﬁg CloudFormation resource type

• Conﬁg AWS CLI reference

• Conﬁg API reference

(9)

Conﬁgs

Dataﬂow Endpoint Conﬁg

Note

Dataﬂow endpoint conﬁgs are only used for data delivery to Amazon EC2 and are not used for data delivery to Amazon S3.

You can use dataflow endpoint configs to specify which dataflow endpoint in a dataflow endpoint group (p. 4) from which or to which you want data to flow during a contact. The two parameters of a dataflow endpoint config specify the name and region of the dataflow endpoint. When reserving a contact, AWS Ground Station analyzes the mission profile (p. 9) you specified and attempts to find a dataflow endpoint group that contains all of the dataflow endpoints specified by the dataflow endpoint configs contained in your mission profile.

The dataflowEndpointName property of a dataflow endpoint config specifies which dataflow endpoint in a dataflow endpoint group to which or from which data will flow during a contact.

The dataflowEndpointRegion property specifies which region the dataflow endpoint resides in. If a region is specified in your dataflow endpoint config, AWS Ground Station looks for a dataflow endpoint in the region specified. If no region is specified, AWS Ground Station will default to the contact's ground station region. A contact is considered a cross region data delivery (p. 45) contact if your dataflow endpoint's region is not the same as the contact's ground station region.

The IAM role must have a trust policy that allows the groundstation.amazonaws.com service principal to assume the role. See the Example Trust Policy (p. 5) section below for an example.

During endpoint creation the endpoint resource id does not exist, the trust policy must use an asterisk (*) in place of your-endpoint-id and can be updated after creation with the endpoint resource id.

See the following documentation for more information about how to perform operations on dataﬂow endpoint conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Config DataflowEndpointConfig CloudFormation property

• Conﬁg AWS CLI reference (see the dataflowEndpointConfig -> (structure) section)

• DataﬂowEndpointConﬁg API reference

Example Trust Policy

For more information on how to update a role's trust policy, see Managing IAM roles in the IAM User Guide.

{

"Version": "2012-10-17", "Statement": [

{

"Effect": "Allow", "Principal": {

"Service": "groundstation.amazonaws.com"

},

"Action": "sts:AssumeRole", "Condition": {

"StringEquals": {

"aws:SourceAccount": "your-account-id"

},

"ArnLike": {

"aws:SourceArn": "arn:aws:groundstation:dataflow-endpoint-region:your-account- id:dataflow-endpoint-group/your-endpoint-id"

} }

(10)

Conﬁgs

} ]}

S3 Recording Conﬁg

NoteS3 recording conﬁgs are only used for data delivery to Amazon S3 and are not used for data delivery to Amazon EC2.

You can use S3 recording configs to specify an Amazon S3 bucket to which you want downlinked data delivered. The two parameters of an S3 recording config specify the Amazon S3 bucket and IAM role for AWS Ground Station to assume when delivering the data to your Amazon S3 bucket. The IAM role and Amazon S3 bucket specified must meet the following criteria:

• The Amazon S3 bucket's name must begin with aws-groundstation .

• The IAM role must have a trust policy that allows the groundstation.amazonaws.com service principal to assume the role. See the Example Trust Policy (p. 6) section below for an example.

During config creation the config resource id does not exist, the trust policy must use an asterisk (*) in place of your-config-id and can be updated after creation with the config resource id.

• The IAM role must have an IAM policy that allows the role to perform the s3:GetBucketLocation action on the bucket and s3:PutObject action on the bucket's objects. If the Amazon S3 bucket has a bucket policy, then the bucket policy must also allow the IAM role to perform these actions. See the Example Role Policy (p. 6) section below for an example.

Example Trust Policy

For more information on how to update a role's trust policy, see Managing IAM roles in the IAM User Guide.

{ "Version": "2012-10-17", "Statement": [

{

"Effect": "Allow", "Principal": {

"Service": "groundstation.amazonaws.com"

},

"Action": "sts:AssumeRole", "Condition": {

"StringEquals": {

"aws:SourceAccount": "your-account-id"

},

"ArnLike": {

"aws:SourceArn": "arn:aws:groundstation:config-region:your-account-id:config/s3- recording/your-config-id"

} } } ] }

Example Role Policy

For more information on how to update or attach a role policy, see Managing IAM policies in the IAM User Guide.

(11)

Conﬁgs

{

"Effect": "Allow", "Action": [

"s3:GetBucketLocation"

],

"Resource": [

"arn:aws:s3:::your-bucket-name"

] }, {

"s3:PutObject"

],

"Resource": [

"arn:aws:s3:::your-bucket-name/*"

] } ]}

See the following documentation for more information about how to perform operations on S3 recording conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg S3RecordingConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the s3RecordingConfig -> (structure) section)

• S3RecordingConﬁg API reference

Tracking Conﬁg

You can use tracking configs in the mission profile to determine whether autotrack should be enabled during your contacts. This config has a single parameter: autotrack. The autotrack parameter can have the following values:

• REQUIRED - Autotrack is required for your contacts.

• PREFERRED - Autotrack is preferred for contacts, but contacts can still be executed without autotrack.

• REMOVED - No autotrack should be used for your contacts.

See the following documentation for more information about how to perform operations on tracking conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg TrackingConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the trackingConfig -> (structure) section)

• TrackingConﬁg API reference

Antenna Downlink Conﬁg

You can use antenna downlink configs to configure the antenna for downlink during your contact. They consist of a spectrum config that specifies the frequency, bandwidth, and polarization that should be

(12)

Conﬁgs

used during your downlink contact. If your downlink use case requires demodulation or decoding, see the

??? (p. 8).

See the following documentation for more information about how to perform operations on antenna downlink conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg AntennaDownlinkConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the antennaDownlinkConfig -> (structure) section)

• AntennaDownlinkConﬁg API reference

Antenna Downlink Demod Decode Conﬁg

Antenna downlink demod decode configs are a more complex and customizable config type that you can use to execute downlink contacts with demod or decode. If you're interested in executing these types of contacts, contact the AWS Ground Station team. We'll help you define the right config and mission profile for your use case.

See the following documentation for more information about how to perform operations on antenna downlink demod decode conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg AntennaDownlinkDemodDecodeConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the antennaDownlinkDemodDecodeConfig -> (structure) section)

• AntennaDownlinkDemodDecodeConﬁg API reference

Antenna Uplink Conﬁg

You can use antenna uplink configs to configure the antenna for uplink during your contact. They consist of a spectrum config with frequency, polarization, and target effective isotropic radiated power (EIRP).

For information about how to conﬁgure a contact for uplink loopback, see ??? (p. 8).

See the following documentation for more information about how to perform operations on antenna uplink conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg AntennaUplinkConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the antennaUplinkConfig -> (structure) section)

• AntennaUplinkConﬁg API reference

Uplink Echo Conﬁg

Uplink echo configs tell the antenna how to execute an uplink echo. This echoes the signal sent by the antenna back to your dataflow endpoint. An uplink echo config contains the ARN of an uplink config. The antenna uses the parameters from the uplink config pointed to by the ARN when executing an uplink echo.

See the following documentation for more information about how to perform operations on uplink echo conﬁgs using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::Conﬁg UplinkEchoConﬁg CloudFormation property

• Conﬁg AWS CLI reference (see the uplinkEchoConfig -> (structure) section)

(13)

Mission Proﬁles

• UplinkEchoConﬁg API reference

Mission Proﬁles

Mission profiles contain configs and parameters for how contacts are executed. When you reserve a contact or search for available contacts, you supply the mission profile that you intend to use. Mission profiles bring all of your configs together and define how the antenna will be configured and where data will go during your contact.

Aside from tracking configs (p. 7), all configs are contained in the dataflowEdges field of the

mission profile. A single dataflow edge is a list of two ARNs—the first is the from config and the second is the to config. By specifying a dataflow edge between two configs, you are telling AWS Ground Station from where and to where data should flow during a contact. Tracking configs are not used as part of a dataflow edge, but are specified as a separate field.

The name field of the mission profile helps distinguish between the mission profiles that you create.

See the following documentation for more information about how to perform operations on mission proﬁles using AWS CloudFormation, the AWS Command Line Interface, or the AWS Ground Station API.

• AWS::GroundStation::MissionProﬁle CloudFormation resource type

• Mission Proﬁle AWS CLI reference

• Mission Proﬁle API reference

(14)

Finding the AWS Region for a Ground Station

AWS Ground Station Locations

Customers can transmit and receive data using AWS Ground Station antennas in the following locations:

US (Oregon), US (Ohio), Middle East (Bahrain), Europe (Stockholm), Asia Paciﬁc (Sydney), Europe (Ireland), Africa (Cape Town), US (Hawaii), Asia Paciﬁc (Seoul), and South America (Punta Arenas) [in Preview]

Customers can deliver data and configure their contacts with the AWS Ground Station console in the following regions: US West (Oregon), US East (Ohio), Middle East (Bahrain), Europe (Stockholm), Asia Pacific (Sydney), Europe (Ireland), Africa (Cape Town), US East (N. Virginia), Europe (Frankfurt), Asia Pacific (Seoul), and South America (São Paulo) [in Preview]. More regions and antenna locations coming soon.

Note: You can only create AWS Ground Station resources in the regions that host the AWS Ground Station console mentioned in the prior paragraph.

Topics

• Finding the AWS Region for a Ground Station (p. 10)

Finding the AWS Region for a Ground Station

The AWS Global Network includes Ground Station locations that are not physically located in the AWS Region to which they are connected. Listing and reserving contacts at one of these Ground Station locations must be performed using the AWS Region to which the Ground Station is connected.

There are multiple methods of determining a Ground Station’s AWS Region. The AWS Ground Station console page displays the Ground Station’s AWS Region when displaying it in both the ﬁlters and contacts table as shown in the image below. The AWS SDK contains the Ground Station’s AWS Region in the ListGroundStation response. Finally, the AWS CLI contains the Ground Station’s AWS Region in the list-ground-stations response.

(15)

Example Ground Station Located Outside of an AWS Region

Topics

• Example Ground Station Located Outside of an AWS Region (p. 11)

Example Ground Station Located Outside of an AWS Region

Hawaii 1 is an example of a Ground Station location that is not physically located in the AWS Region to which it is connected. The Hawaii 1 Ground Station is located in Hawaii, USA but is connected to the us-west-2 (Oregon) AWS Region. In order to list and reserve contacts using Hawaii 1, you must have a mission proﬁle (p. 9) conﬁgured in the us-west-2 (Oregon) AWS Region and use the us-west-2 (Oregon) AWS Region in the AWS Ground Station console, AWS CLI, or AWS SDK.

• To list and reserve contacts (p. 19) for Hawaii 1 in the AWS Ground Station console you must use the AWS Ground Station console in the us-west-2 (Oregon) region.

• To list and reserve contacts for Hawaii 1 using the AWS CLI you must specify the region as us-west-2 using the --region CLI argument.

• To list and reserve contacts for Hawaii 1 using the AWS SDK you must set the region of your client to us-west-2. How you set this depends on the programming language your are using. An example of how to set this using JavaScript is described in the AWS SDK for JavaScript documentation. For more information, refer to the language speciﬁc SDK documentation.

(16)

Step 1: Sign Up for AWS

Setting Up AWS Ground Station

Before you start using AWS Ground Station, you need to know what AWS Identity and Access Management (IAM) permissions you need, and what space vehicle credentials to provide. Use the following steps to set up your account.

Topics

• Step 1: Sign Up for AWS (p. 12)

• Step 2: Add Permissions to Your AWS Account (p. 12)

• Step 3: Customer Onboarding (p. 13)

• Next Steps (p. 14)

Step 1: Sign Up for AWS

To use AWS Ground Station, you need an AWS account. If you already have an AWS account, skip to the section called “Step 2: Add Permissions to Your AWS Account ” (p. 12).

1. Choose the following hyperlink: https://aws.amazon.com/.

NoteIf you previously signed in to the AWS Management Console using AWS account root user credentials, choose Sign in to a diﬀerent account. If you previously signed in to the console using IAM credentials, choose Sign-in using root account credentials. Then, choose Create a new AWS account.

2. Choose Sign In to the Console.

3. Choose Create a new AWS account.

4. Follow the instructions for creating a new AWS account. Part of the sign-up procedure involves receiving a phone call and entering a veriﬁcation code using the phone keypad.

Step 2: Add Permissions to Your AWS Account

To use AWS Ground Station, you need to create a new policy and attach it to your AWS account.

1. Sign in to the AWS Management Console and open the (IAM) console at https://

console.aws.amazon.com/iam/.

2. Create a new policy. Use the following steps:

a. In the navigation pane, choose Policies and then choose Create Policy.

b. In the JSON tab, edit the JSON with one of the following values. Use the JSON that works best for your application.

• For Admin privileges, set Action to groundstation:* as follows:

{

"Effect": "Allow",

(17)

Step 3: Customer Onboarding

"Action": [

"groundstation:*"

],

"Resource": [ "*"

] } ]}

• For Read-only privileges, set Action to groundstation:Get*, groundstation:List*, and groundstation:Describe* as follows:

{

"groundstation:Get*", "groundstation:List*", "groundstation:Describe*"

],

"Resource": [ "*"

] } ] }

• For additional security through multifactor authentication, set Action to groundstation:*, and Condition/Bool to aws:MultiFactorAuthPresent:true as follows:

{

"Effect": "Allow",

"Action": "groundstation:*", "Resource": "*",

"Condition": { "Bool": {

"aws:MultiFactorAuthPresent": true }

} } ] }

3. In the IAM console, attach the policy you created to the desired user.

For more information about IAM users and attaching policies, see the IAM User Guide.

Step 3: Customer Onboarding

To complete registration for your AWS Ground Station account, see the Satellites and Resources section in the AWS Ground Station console page for onboarding details. The AWS Ground Station team will work with you to onboard your satellites to the service. Once you onboard your satellite, the satellite will be available to use when managing a contact. Instructions for managing a contact are provided later in Listing and Reserving Contacts (p. 19).

(18)

Next Steps

Onboarding your satellite(s) will grant you access to send and receive data to and from the satellite.

In addition to onboarding your own satellites, customers may also onboard the following satellites to downlink direct broadcast data using AWS Ground Station:

• Aqua

• SNPP

• JPSS-1/NOAA-20

• Terra

Once onboarded, these satellites can be accessed for immediate use. You can use the

AquaSnppJpss.yml template and the AquaSnppJpssTerraDigIF.yml template provided in the AWS Ground Station customer assets S3 bucket and customize the template to conﬁgure your own parameters. Instructions and details for accessing and using this template are provided later in the Create Your Resources Using a AWS CloudFormation Template (p. 15) section of the user guide.

For more information about these satellites and the kind of data they transmit, see Aqua, JPSS-1/

NOAA-20 and SNPP, and Terra.

Next Steps

Your AWS Ground Station account is now set up and ready for conﬁguration. Continue to Getting Started (p. 15) to conﬁgure your resources to use AWS Ground Station.

(19)

Basic Concepts

Getting Started with AWS Ground Station

AWS Ground Station enables you to command, control, and downlink data from your satellites.

With AWS Ground Station, you can schedule access to ground station antennas on a per-minute basis and pay only for the antenna time used. AWS Ground Station delivers your contact data asynchronously to an Amazon Simple Storage Service (Amazon S3) bucket in your account or synchronously by

streaming it to and from an Amazon Elastic Compute Cloud (Amazon EC2) instance in your account. The following steps describe how to conﬁgure the resources required to receive contact data asynchronously in an Amazon S3 bucket. See the ??? (p. 27) guide for information about how to use data delivery to Amazon EC2.

Topics

• Basic Concepts (p. 15)

• Prerequisites (p. 15)

• Step 1: Choose an AWS CloudFormation Template (p. 15)

• Step 2: Conﬁgure an AWS CloudFormation Stack (p. 17)

Basic Concepts

Before you begin, you should familiarize yourself with the basic concepts in AWS Ground Station. For more information, see ??? (p. 3).

Then, continue on to ??? (p. 15) to learn about prerequisites to getting started with AWS Ground Station.

Prerequisites

Before getting starting with AWS Ground Station, ensure you have an AWS account with the proper credentials. Follow the steps in ??? (p. 12).

Then, continue on to ??? (p. 15).

Step 1: Choose an AWS CloudFormation Template

After you onboard (p. 13) your satellite, you need to define mission profiles to define the AWS Ground Station antenna configuration to downlink data from your satellite. To assist you with this process, we provide preconfigured AWS CloudFormation templates that use public broadcast satellites. These templates make it easy for you to start using AWS Ground Station. For more information about AWS CloudFormation, see What is AWS CloudFormation?

Preconﬁgured Templates

Today, you can configure multiple streams of data per contact to flow into an S3 bucket. These data streams are available in two different formats. Data streams containing VITA-49 Signal/IP data can be configured for S-Band and X-Band signals up to 54 MHz in bandwidth. VITA-49 Extension data/IPs can be configured for demodulated and/or decoded X-Band signals up to 500 MHz in bandwidth.

(20)

Preconﬁgured Templates

AWS Ground Station provides templates for both data stream formats that demonstrate how to use the service. Use this guide to ﬁnd the right template for you.

Available templates

You can use a preconﬁgured template to receive direct broadcast data from the Aqua, SNPP, JPSS-1/

NOAA-20, and Terra satellites. These AWS CloudFormation templates contain the required AWS Ground Station and Amazon S3 resources to schedule and execute contacts and receive the data in an Amazon S3 bucket in your account. If Aqua, SNPP, JPSS-1/NOAA-20, and Terra are not onboarded to your account, see Customer Onboarding (p. 13).

• The AWS CloudFormation template named AquaSnppJpss-1DemodDecodeS3DataDelivery.yml contains an Amazon S3 bucket and the required AWS Ground Station resources to schedule contacts and receive demodulated and decoded direct broadcast data. This template is a good starting point if you plan to process the data using NASA Direct Readout Labs software (RT-STPS and IPOPP).

To download the template using AWS CLI, use the following command:

aws s3 cp s3://groundstation-cloudformation-templates-us-west-2/

AquaSnppJpss-1DemodDecodeS3DataDelivery.yml .

You can view and download the template in the console by navigating to the following URL in your browser:

https://s3.console.aws.amazon.com/s3/object/groundstation-cloudformation-templates-us- west-2/AquaSnppJpss-1DemodDecodeS3DataDelivery.yml

You can specify the template directly in AWS CloudFormation using the following link:

https://groundstation-cloudformation-templates-us-west-2.s3.us-west-2.amazonaws.com/

AquaSnppJpss-1DemodDecodeS3DataDelivery.yml

• The AWS CloudFormation template named AquaSnppJpss-1TerraDigIfS3DataDelivery.yml contains an Amazon S3 bucket and the required AWS Ground Station resources to schedule contacts and receive VITA-49 Signal/IP direct broadcast data. This template is a good starting point if you plan to process the data using a software deﬁned radio (SDR) to demodulate and decode the data before post-processing.

aws s3 cp s3://groundstation-cloudformation-templates-us-west-2/

AquaSnppJpss-1TerraDigIfS3DataDelivery.yml .

You can view and download the template in the console by navigating to the following URL in your browser:

https://s3.console.aws.amazon.com/s3/object/groundstation-cloudformation-templates-us- west-2/AquaSnppJpss-1TerraDigIfS3DataDelivery.yml

AquaSnppJpss-1TerraDigIfS3DataDelivery.yml

What resources do these template deﬁne?

(21)

Building your own template

Both of the templates contain the same resources, with the sole diﬀerence being the antenna conﬁgs.

See the Antenna Conﬁg description below for more information.

• Amazon S3 Bucket - The bucket to which the downlinked data will be delivered. The name of this bucket starts with aws-groundstation to meet criteria described in S3 Recording Conﬁg (p. 6).

• IAM Role - A role assumable by the groundstation.amazonaws.com service principal that AWS Ground Station assumes when writing the downlinked data to your Amazon S3 bucket.

• Amazon S3 Bucket Policy - A policy that allows the IAM Role to perform the following actions on your Amazon S3 bucket and its objects:

• s3:GetBucketLocation

• s3:PutObject

• Tracking Config - An AWS Ground Station tracking config (p. 7) that defines how the antenna system tracks your satellite as it moves through the sky.

• S3 Recording Conﬁg - An AWS Ground Station S3 recording conﬁg (p. 6) that references the Amazon S3 bucket and IAM role for AWS Ground Station to use when delivering your data.

• Antenna Config - An AWS Ground Station antenna config that specifies how to configure the AWS Ground Station antenna during a contact. The

AquaSnppJpss-1DemodDecodeS3DataDelivery.yml template contains an antenna downlink demod decode conﬁg (p. 8) that conﬁgures the AWS Ground Station antenna to demodulate and decode the downlinked data before delivering it to your Amazon S3 bucket.

The AquaSnppJpss-1TerraDigIfS3DataDelivery.yml instead contains an antenna decode conﬁg (p. 7) that conﬁgures the AWS Ground Station antenna to deliver the data to your Amazon S3 as VITA-49 Signal/IP packets.

• Mission Profile - An AWS Ground Station mission profile (p. 9) that groups all of the AWS Ground Station configs together to allow you to schedule and execute contacts using the configurations referenced.

Building your own template

Configuring the resources to schedule and execute contacts for your own satellites requires you configure the AWS Ground Station resources in your account to match your satellite's settings. This is difficult to do on your own. The AWS Ground Station team is available to help you configure the AWS Ground Station resources in your account to downlink from and uplink to your satellite. To configure your own satellite to use with AWS Ground Station, contact AWS Support.

Step 2: Conﬁgure an AWS CloudFormation Stack

After choosing the template that best applies to your use case, conﬁgure an AWS CloudFormation stack.

The resources that are created in this procedure are conﬁgured to the region that you are in when you create them.

1. In the AWS Management Console, choose Services > CloudFormation.

2. In the navigation pane, choose Stacks. Then, choose Create stack > With new resources (standard).

3. In the Create Stack page, specify the template that you selected in the section called “Step 1:

Choose an AWS CloudFormation Template” (p. 15) by doing one of the following.

a. Select Amazon S3 URL as your template source, and copy and paste the URL of the template you want to use in Amazon S3 URL. Then, choose Next.

b. Select Upload a template ﬁle as your template source and choose Choose File. Upload the template you downloaded in the section called “Step 1: Choose an AWS CloudFormation Template” (p. 15). Then, choose Next.

(22)

Step 2: Conﬁgure an AWS CloudFormation Stack

4. Perform the following steps in the Specify stack details page:

a. Enter a name in the Stack Name box. We recommend using a simple name to reduce the possibility of errors in the future.

b. Choose Next.

5. Conﬁgure stack options and advanced options for your Amazon EC2 instance.

a. Add any tags and permissions in the Tags and Permissions sections.

b. Make any changes for your Stack policy, Rollback conﬁguration, Notiﬁcation options, and Stack creation options.

c. Choose Next.

6. After reviewing your stack details, select the Capabilities acknowledgement, and choose Create stack.

(23)

Using the Ground Station Console

Listing and Reserving Contacts

You can enter satellite data, identify antenna locations, communicate, and schedule antenna time for selected satellites by using the AWS Ground Station console or AWS CLI. You can review, cancel, and reschedule contact reservations up to eight days prior to scheduled time. In addition, you can view the details of your reserved minutes pricing plan if you are using the AWS Ground Station reserved minutes pricing model.

AWS Ground Station supports cross-region data delivery. The dataflow endpoint configs that are part of the mission profile you select determine to which region(s) the data is delivered. For more information about using cross-region data delivery, see Using Cross Region Data Delivery Service (p. 45).

To schedule contacts, your resources must be conﬁgured. If you have not conﬁgured your resources, see Getting Started (p. 15).

Topics

• Using the Ground Station Console (p. 19)

• Reserving and Managing Contacts with AWS CLI (p. 23)

Using the Ground Station Console

You can use the AWS Ground Station console to reserve, view, and cancel contact reservations. To use the AWS Ground Station console, open the AWS Ground Station console and choose Reserve contacts now.

Use the following topics to use the AWS Ground Station console to reserve, view, and cancel contacts.

Topics

• Reserve a Contact (p. 19)

• View Scheduled and Completed Contacts (p. 21)

• Cancelling Contacts (p. 22)

Reserve a Contact

After accessing the AWS Ground Station console, use your conﬁgured resources to reserve contacts in the Contact management table.

(24)

Reserve a Contact

1. In the Contact management table, choose the parameters you want to use to search for available contacts. Ensure that you are viewing Available contacts by using the Status ﬁlter.

2. Choose a contact that meets your requirements and then choose Reserve contact.

3. In the Reserve Contact dialog box, review your contact reservation information.

a. (optional) Under Tags, enter a key and value for each tag you want to add.

b. Choose Reserve.

(25)

View Scheduled and Completed Contacts

AWS Ground Station will use the configuration data from your mission profile to execute a contact at the specified ground station.

View Scheduled and Completed Contacts

Once you schedule contacts, you can use the AWS Ground Station console to view the details of scheduled and completed contacts.

In the Contact management table, choose the parameters you want to use to search for scheduled and completed contacts. Ensure that you are viewing Scheduled or Completed contacts by using the Status ﬁlter.

(26)

Cancelling Contacts

Your scheduled or completed contact(s) will be listed if the contact(s) matches the parameters.

Cancelling Contacts

You can use the AWS Ground Station console to cancel scheduled contacts

1. In the Contact management table, choose the parameters you want to use to search for scheduled and completed contacts. Ensure that you are viewing Scheduled contacts by using the Status ﬁlter.

2. Choose the contact you want to cancel in the list of scheduled contacts. Then, choose Cancel Contact.

3. In the Cancel contact dialog box, choose Ok.

The contact's status will be CANCELLED.

(27)

Reserving and Managing Contacts with AWS CLI

You can use AWS CLI to reserve and manage your contacts in AWS Ground Station. Before using AWS CLI to reserve and manage contacts, the following AWS CLI prerequisites must be fulﬁlled:

• Ensure that AWS CLI is installed. For information about installing AWS CLI, see Installing the AWS CLI version 2.

• Ensure that AWS CLI is configured. For information about configuring AWS CLI, see Configuring the AWS CLI version 2.

• Save your frequently used configuration settings and credentials in files that are maintained by the AWS CLI. You need these settings and credentials to reserve and manage your AWS Ground Station contacts with AWS CLI. For more information about saving your configuration and credential settings, see Configuration and Credential File Settings .

Once AWS CLI is conﬁgured and ready to use, review the AWS Ground Station CLI Command Reference page to familiarize yourself with available commands. Follow the AWS CLI command structure when using this service and preﬁx your commands with groundstation to specify AWS Ground Station as the service you want to use. For more information on the AWS CLI command structure, see Command Structure in the AWS CLI page. An example command structure is provided below.

aws groundstation <command> <subcommand> [options and parameters]

Use the following topics to reserve, view, and cancel contacts with AWS CLI.

Topics

• View and List Contacts with AWS CLI (p. 23)

• Reserve a Contact with AWS CLI (p. 24)

• Describe a Contact with AWS CLI (p. 25)

• Cancel a Contact with AWS CLI (p. 25)

View and List Contacts with AWS CLI

To list and view CANCELLED, COMPLETED, or SCHEDULED contacts with AWS CLI, run aws groundstation list-contacts with the following parameters.

• Start Time - Specify the start time of your contact with --start-time <value>. The following is an acceptable time value format: YYYY-MM-DDTHH:MM:SSZ

• End Time - Specify the end time of your contact with --end-time <value>. The following is an acceptable time value format: YYYY-MM-DDTHH:MM:SSZ

• Status List - Specify the status of your contact with --status-list <value>. Acceptable values include AVAILABLE, CANCELLED, COMPLETED, or SCHEDULED. To see a full list of valid values, see list- contacts.

To list and view AVAILABLE contacts with AWS CLI the following parameters are required in addition to the ones listed above.

• Ground Station ID - Specify your ground station's ID with --ground-station <value>.

• Mission Proﬁle ARN - Specify your mission proﬁle's ARN with --mission-profile-arn <value>.

• Satellite ARN - Specify your satellite ARN with --satellite-arn <value>.

(28)

Reserve a Contact with AWS CLI

You can use list commands to look up your resources. For more information on specifying your parameters, see list-contacts

An example command to list available contacts is provided below.

aws groundstation --region us-east-2 list-contacts --ground-station 'Ohio 1' --mission-profile-arn 'arn:aws:groundstation:us-east-2:123456789012:mission- profile/11111111-2222-3333-4444-555555555555' --satellite-arn

'arn:aws:groundstation::123456789012:satellite/11111111-2222-3333-4444-555555555555' --start-time '2020-04-10T00:09:22Z' --end-time '2020-04-10T00:11:22' --status-list 'AVAILABLE'

An example of a list of available contacts is provided below.

{ "contactList": [ {

"contactStatus": "AVAILABLE",

"endTime": "2020-04-15T03:16:35-06:00", "groundStation": "Oregon 1",

"maximumElevation": { "unit": "DEGREE_ANGLE", "value": 11.22

},

"missionProfileArn": "arn:aws:groundstation:us-west-2:111111111111:mission- profile/11111111-2222-3333-4444-555555555555",

"region": "us-west-2", "satelliteArn":

"arn:aws:groundstation::111111111111:satellite/11111111-2222-3333-4444-555555555555", "startTime": "2020-04-15T03:06:08-06:00"

} ]}

Reserve a Contact with AWS CLI

AWS CLI gives you the option to reserve contacts by the minute. This feature is unique to the AWS CLI and cannot be done in the AWS Ground Station console.

To reserve contacts with AWS CLI, run aws groundstation reserve-contact with the following parameters.

• Ground Station ID - Specify your ground station's ID with --ground-station <value>.

• Mission Proﬁle ARN - Specify your mission proﬁle's ARN with --mission-profile-arn <value>.

• Satellite ARN - Specify your satellite ARN with --satellite-arn <value>.

• Start Time - Specify the start time of your contact with --start-time <value>. The following is an acceptable time value format: YYYY-MM-DDTHH:MM:SSZ

• End Time - Specify the end time of your contact with --end-time <value>. The following is an acceptable time value format: YYYY-MM-DDTHH:MM:SSZ

Contact reservation is an asynchronous process. The response to the reserve-contact command provides the contact identiﬁer. In order to determine the outcome of the asynchronous reservation process, use describe-contact. For more information on this, see the section below titled Describe a Contact with AWS CLI (p. 25).

You can use list commands to look up your resources. For more information on specifying your parameters, see reserve-contact.

(29)

Describe a Contact with AWS CLI

An example command of reserving a contact is provided below.

aws groundstation reserve-contact --ground-station 'Ohio 1' --mission- profile-arn 'arn:aws:groundstation:us-east-2:123456789012:mission- profile/11111111-2222-3333-4444-555555555555' --satellite-arn

'arn:aws:groundstation::123456789012:satellite/11111111-2222-3333-4444-555555555555' -- start-time '2020-04-10T00:09:22Z' --end-time '2020-04-10T00:11:22'

An example of a successfully reserved contact is provided below.

{ "contactId": "11111111-2222-3333-4444-555555555555"

}

Describe a Contact with AWS CLI

To see the status of a contact/reservation with AWS CLI, use the describe-contact CLI command. This is helpful for verifying the outcome of the asynchronous contact reservation process, monitoring the status of an in-progress contact, and determining the status of a ﬁnished contact.

To describe contacts with AWS CLI, run aws groundstation describe-contact with the following parameters.

• Contact ID - Specify your contact ID with --contact-id <value>.

You can use list commands to look up your resources. For more information on specifying your parameters, see describe-contact.

An example command of describing a contact is provided below.

aws groundstation describe-contact --contact-id 11111111-2222-3333-4444-555555555555

An example of a successfully scheduled contact is provided below.

{ "groundStation": "Ireland 1", "tags": {},

"missionProfileArn": "arn:aws:groundstation:us-west-2:111111111111:mission- profile/11111111-2222-3333-4444-555555555555",

"region": "us-west-2",

"contactId": "11111111-2222-3333-4444-555555555555", "prePassStartTime": 1645850471.0,

"postPassEndTime": 1645851172.0, "startTime": 1645850591.0, "maximumElevation": { "value": 12.66, "unit": "DEGREE_ANGLE"

}, "satelliteArn":

"arn:aws:groundstation::111111111111:satellite/11111111-2222-3333-4444-555555555555", "endTime": 1645851052.0,

"contactStatus": "SCHEDULED"

}

Cancel a Contact with AWS CLI

To cancel a contact with AWS CLI, run aws groundstation cancel-contact with the following parameters.

(30)

Cancel a Contact with AWS CLI

• Region - Specify your ground station's region with --region <value>.

• Contact ID - Specify the contact ID with --contact-id <value>.

You can use list commands to look up your resources. For more information on specifying your parameters, see cancel-contacts

An example command of reserving a contact is provided below.

aws groundstation --region us-east-2 cancel-contact --contact-id '11111111-2222-3333-4444-555555555555'

An example of a successfully cancelled contact is provided below.

{ "contactId": "11111111-2222-3333-4444-555555555555"

}

(31)

Step 1: Create EC2 SSH Key Pair

Data Delivery to Amazon EC2

AWS Ground Station delivers your contact data asynchronously to an Amazon Simple Storage Service (Amazon S3) bucket in your account or synchronously by streaming it to and from an Amazon Elastic Compute Cloud (Amazon EC2) instance in your account. The following steps describe how to conﬁgure the resources required to stream contact data to and from an Amazon EC2 instance. See the ??? (p. 15) guide for information about data delivery to Amazon S3.

Topics

• Step 1: Create EC2 SSH Key Pair (p. 27)

• Step 2: Set Up Your VPC (p. 28)

• Step 3: Choose and Customize an AWS CloudFormation Template (p. 29)

• Step 4: Conﬁgure an AWS CloudFormation Stack (p. 34)

• Step 5: Install and Conﬁgure FE Processor/Radio (p. 35)

• (Optional) Install and Conﬁgure Data Defender Manually (p. 36)

• Next Steps (p. 44)

Step 1: Create EC2 SSH Key Pair

If you do not already have one, create a new key pair in the Amazon EC2 console for each AWS Region where you plan to receive data. Use the steps below.

1. In your AWS Management Console, choose an AWS Region in which you plan to reserve contacts.

You need to create a key pair for every AWS Region you choose.

NoteAWS Ground Station is not yet available for all regions. Ensure that AWS Ground Station is supported by your desired AWS Region. For more information about AWS Ground Station antenna locations, see AWS Ground Station FAQs.

2. Choose Services > EC2 > Network & Security > Key Pairs, and then choose Create Key Pair.

3. Enter a friendly name like groundstation-ec2-access-key-<region> (for example, groundstation- ec2-access-key-us-east-2).

4. Save the private key, make it accessible to your ssh utility of choice, and set the ownership/

permissions as needed (for example, chmod 400 <key name>.pem).

5. Repeat for other AWS Regions if needed.

(32)

Step 2: Set Up Your VPC

The full setup of a VPC is beyond the scope of this guide. If you don't have an existing VPC that is already customized, you can use the default VPC that is created in your AWS account. We recommend adding a Linux bastion to your VPC so that you can SSH into your Amazon EC2 instances without attaching a public IP address. For more information about conﬁguring a Linux bastion in your VPC, see Linux Bastion Hosts on AWS.

For your convenience, instructions to quickly add a bastion host to your Linux environment in AWS are below. While this is not required, it is recommended best practice.

1. Login to your AWS account.

2. In the Linux Bastion Hosts on the AWS Cloud: Quick Start Reference Deployment page, choose Launch Quick Start (for new VPC).

3. In the Create Stack page, choose Next. The template is pre-populated.

4. In the Specify stack details page, make edits and changes in the following boxes:

a. Enter a stack name for your host in the Stack Name box.

b. For Availability Zones, select the Availability Zones you wish to use for the subnets in the VPC.

At least two Availability Zones must be selected.

c. For Allowed bastion external access CIDR, enter the CIDR block that you would like to enable SSH access from. If you are unsure, you can use the value of 0.0.0.0/0 to enable SSH access from any host that has the SSH key.

d. For Key pair name, choose the key pair name you created in the section called “Step 1: Create EC2 SSH Key Pair” (p. 27).

e. For Bastion instance type, choose t2.micro.

(33)

Step 3: Choose and Customize an AWS CloudFormation Template Important

The t2.micro instance type is not available for the Europe (Stockholm) Region (eu- north-1). If you are using AWS Ground Station in the Europe (Stockholm) Region (eu- north-1), choose t3.micro.

f. For TCP forwarding, choose true.

g. (Optional) Make other edits and changes as necessary. To customize your deployment, you can change your VPC conﬁguration, choose the number and type of bastion host instances, enable TCP or X11 forwarding, and enable a default or custom banner for your bastion hosts.

h. Choose Next.

5. In the Conﬁgure stack options page, make any changes or edits as necessary.

6. Choose Next.

7. Review the details of your bastion host and select the two Capabilities acknowledgements. Then, choose Create stack.

Step 3: Choose and Customize an AWS CloudFormation Template

Today, you can configure multiple streams of data per contact to flow into your VPC. These data streams are available in two different formats. Data streams containing VITA-49 Signal/IP data can be configured for S-Band and X-Band signals up to 54 MHz in bandwidth. VITA-49 Extension data/IPs can be configured for demodulated and/or decoded X-Band signals up to 500 MHz in bandwidth.

After you onboard (p. 13) your satellite, you need to define mission profiles and create instances to process or push data streams from or to your satellite. To assist you with this process, we provide preconfigured AWS CloudFormation templates that use public broadcast satellites. These templates make it easy for you to start using AWS Ground Station. For more information about AWS CloudFormation, see What is AWS CloudFormation?

It is important to note that you need to have data processing software or data storage software listening to the localhost side of Data Defender of the Amazon EC2 instance. This software is what you will use to store and/or process the data delivered to the Amazon EC2 instance during a contact.

Conﬁguring your Amazon EC2 Instance Settings

The AWS CloudFormation templates provided in this section are conﬁgured to use Amazon EC2 m5.4xlarge instance types by default. However, we encourage you to customize and choose the right Amazon EC2 instance settings for your use case. Requirements such as storage I/O and CPU performance should be considered when choosing your instance settings. For example, running a software modem on a receiver instance may require compute-optimized instances with more cores and a higher clock speed. The best way to determine the right instance settings for your use case is to test your instance settings with your workload, and Amazon EC2 makes it easy to switch between instance settings. Use the templates and customize the instance settings for your needs.

As a general recommendation, AWS Ground Station encourages the use of instances that support enhanced networking for your uplinks and downlinks, such as AWS Nitro System. For more information about enhanced networking, see Enabling enhanced networking with the Elastic Network Adapter (ENA) on Linux instances.

In addition to conﬁguring Amazon EC2 instance types, the AWS CloudFormation templates conﬁgure the base Amazon Machine Images (AMI) to be used for the instance. The AWS Ground Station base contains the software needed to receive data from the service in your EC2 instance. For more information about AMIs, see Amazon Machine Images (AMI).

(34)

Manually Creating and Conﬁguring Resources

The sample AWS CloudFormation templates in this section conﬁgure all the resources necessary to begin executing satellite contacts. If you prefer to manually create and conﬁgure the resources required to begin executing satellite contacts, you will need to do the following:

• Create AWS Ground Station configs. For more information about manually creating AWS Ground Station configs, see Create Config AWS CLI Command Reference or Create Config API Reference.

• Create an AWS Ground Station mission profile. For more information about manually creating an AWS Ground Station mission profile, see Create Mission Profile AWS CLI Command Reference or Create Mission Profile API Reference.

• Create an AWS Ground Station dataflow endpoint group. For more information about manually creating an AWS Ground Station dataflow endpoint group, see Create Dataflow Endpoint Group AWS CLI Command Reference or Create Dataflow Endpoint Group API Reference.

• Create an EC2 instance. For more information about manually creating an EC2 instance, see Launch an Instance.

• Install and conﬁgure Data Defender on your EC2 instance to send and/or receive data during your contact. For more information on manually conﬁguring Data Defender, see ??? (p. 36).

• Conﬁgure your EC2 instance's security group settings to allow AWS Ground Station to send data to/

from your EC2 instance. For more information about manually conﬁguring your EC2 instance's security group settings, see Create Security Group AWS CLI Command Reference or Create Security Group API Reference.

Choose a Template

AWS Ground Station provides templates that demonstrate how to use the service and can be accessed in diﬀerent ways. Use this guide to ﬁnd the right template for you.

Using a preconﬁgured template

You can use a preconﬁgured template to receive direct broadcast data from the Aqua, SNPP, JPSS-1/

NOAA-20, and Terra satellites. These templates contain the required AWS CloudFormation resources to schedule and execute contacts. The AquaSnppJpss template comprises the necessary AWS

CloudFormation resources to receive demodulated and decoded direct broadcast data. Use this template as a starting point if you plan to process the data using NASA Direct Readout Labs software (RT-STPS and IPOPP). The AquaSnppJpssTerraDigIF template comprises the necessary AWS CloudFormation resources to receive raw digitized intermediate frequency (DigIF) direct broadcast data. Use this template as a starting point for processing the data using a software deﬁned radio (SDR).

• the section called “AquaSnppJpss Template” (p. 31)

• the section called “AquaSnppJpssTerraDigIF Template” (p. 32)

Important

Satellites must be onboarded to the service in order to access AMIs with the AWS CloudFormation templates.

Using your own satellites

Configuring your own satellites requires a different set of parameters and resources. This is difficult to do on your own. The AWS Ground Station team is available to help you configure your own satellites for use and can help you configure resources for downlink, uplink, and uplink echo streams. To configure your own satellite to use with AWS Ground Station, contact AWS Support.

(35)

Choose a Template

Accessing Templates

You can access the templates in the regional Amazon S3 bucket below. Note that the following link uses a regional S3 endpoint. Change <us-west-2> to the region in which you are creating the AWS CloudFormation stack.

s3://groundstation-cloudformation-templates-us-west-2/

You can also download the templates using the AWS CLI. For information on conﬁguring the AWS CLI, see Conﬁguring the AWS CLI.

AquaSnppJpss Template

The AWS CloudFormation template named AquaSnppJpss.yml is designed to give you quick access to start receiving data for the Aqua, SNPP, and JPSS-1/NOAA-20 satellites. It contains an Amazon EC2 instance and the required AWS Ground Station resources to schedule contacts and receive demodulated and decoded direct broadcast data. This template is a good starting point if you plan to process the data using NASA Direct Readout Labs software (RT-STPS and IPOPP).

If Aqua, SNPP, and JPSS-1/NOAA-20 are not onboarded to your account, see Customer Onboarding (p. 13).

Important

The Amazon EC2 instance needs to be stopped before applying the template. Check to ensure that the instance is stopped until you are ready to use it.

You can access the template by accessing the customer onboarding S3 bucket. Note that the links below use a regional S3 bucket. Change <us-west-2> to the region in which you are creating the AWS CloudFormation stack.

Note

The following instructions use YAML. However, the templates are available in both YAML and JSON format. To use JSON, replace <.yml> with <.json>.

aws s3 cp s3://groundstation-cloudformation-templates-us-west-2/AquaSnppJpss.yml . You can view and download the template in the console by navigating to the following URL in your browser:

https://s3.console.aws.amazon.com/s3/object/groundstation-cloudformation-templates-us- west-2/AquaSnppJpss.yml

AquaSnppJpss.yml

What resources does the template deﬁne?

The AquaSnppJpss template includes the following resources:

• Data Delivery Service Role - AWS Ground Station assumes this role to create/delete ENIs in your account in order to stream data.

• (Optional) Receiver Instance - The Amazon EC2 instance that will send/receive data to/from your satellite using AWS Ground Station.

(36)

Choose a Template

• Instance Security Group - The security group for your Amazon EC2 instance.

• Instance Role - The role for your Amazon EC2 instance.

• Instance Proﬁle - The instance proﬁle for your Amazon EC2 instance.

• Cluster Placement Group - The placement group in which your Amazon EC2 instance is launched.

• Dataflow Endpoint Security Group - The security group that the elastic network interface created by AWS Ground Station belongs to. By default, this security group allows AWS Ground Station to stream traffic to any IP address in your VPC. You can modify this in a way that limits traffic to a specific set of IP addresses.

• Receiver Instance Network Interface - An elastic network interface that provides a ﬁxed IP address for AWS Ground Station to connect to. This attaches to the receiver instance on eth1.

• Receiver Instance Interface Attachment - An elastic network interface that attaches to your Amazon EC2 instance.

• (Optional) CloudWatch Event Triggers - AWS Lambda Function that is triggered using CloudWatch Events sent by AWS Ground Station before and after a contact. The AWS Lambda Function will start and optionally stop your Receiver Instance.

• (Optional) EC2 Verification for Contacts - The option to use Lambda to set up a verification system of your Amazon EC2 instance(s) for contacts with SNS notification. It is important to note that this may incur charges depending on your current usage.

• Dataflow Endpoint Group - The AWS Ground Station dataflow endpoint group (p. 4) that defines the endpoints used to send/receive data to/from your satellite. As part of the dataflow endpoint group creation, AWS Ground Station creates an elastic network interface in your account to stream data.

• Tracking Config - The AWS Ground Station tracking config (p. 7) defines how the antenna system tracks your satellite as it moves through the sky.

• Ground Station Amazon Machine Image Retrieval Lambda - The option to select what software is installed in your instance and the AMI of your choice. The software options include DDX 2.6.2 Only and DDX 2.6.2 with qRadio 3.6.0. These options will continue to expand as additional software updates and features are released.

In addition, the template provides the following resources for the Aqua, SNPP, JPSS-1/NOAA-20 satellites:

• A downlink demod/decode conﬁg for JPSS-1/NOAA-20 and SNPP, and a downlink demod/decode conﬁg for Aqua.

• A mission proﬁle for JPSS-1/NOAA-20 and SNPP, and a mission proﬁle for Aqua.

The values and parameters for the satellites in this template are already populated. These parameters make it easy for you to use AWS Ground Station immediately with these satellites. You do not need to conﬁgure your own values in order to use AWS Ground Station when using this template. However, you can customize the values to make the template work for your use case.

Where do I receive my data?

The dataflow endpoint group is set up to use the receiver instance network interface that part of the template creates. The receiver instance uses Data Defender to receive the data stream from AWS Ground Station on the port defined by the dataflow endpoint. Once received, the data is available for consumption via UDP port 50000 on the loopback adapter of the receiver instance. For more information about setting up a dataflow endpoint group, see AWS::GroundStation::DataflowEndpointGroup.

AquaSnppJpssTerraDigIF Template

The AWS CloudFormation template named AquaSnppJpssTerraDigIF.yml is designed to give you quick access to start receiving digitized intermediate frequency (DigIF) data for the Aqua, SNPP, JPSS-1/NOAA-20, and Terra satellites. It contains an Amazon EC2 instance and the required AWS

AWS Ground Station

AWS Ground Station

User Guide

AWS Ground Station: User Guide

Table of Contents

What Is AWS Ground Station?

How AWS Ground Station Works

Data Delivery to Amazon S3

Data Delivery to Amazon EC2

More Information

Service Terms

Core Components

Dataﬂow Endpoint Groups

Conﬁgs

Dataﬂow Endpoint Conﬁg

S3 Recording Conﬁg

Tracking Conﬁg

Antenna Downlink Conﬁg

Antenna Downlink Demod Decode Conﬁg

Antenna Uplink Conﬁg

Uplink Echo Conﬁg

Mission Proﬁles

AWS Ground Station Locations

Finding the AWS Region for a Ground Station

Example Ground Station Located Outside of an AWS Region

Setting Up AWS Ground Station

Step 1: Sign Up for AWS

Step 2: Add Permissions to Your AWS Account

Step 3: Customer Onboarding

Next Steps

Getting Started with AWS Ground Station

Basic Concepts

Prerequisites

Step 1: Choose an AWS CloudFormation Template

Preconﬁgured Templates

Building your own template

Step 2: Conﬁgure an AWS CloudFormation Stack

Listing and Reserving Contacts

Using the Ground Station Console

Reserve a Contact

View Scheduled and Completed Contacts

Cancelling Contacts

Reserving and Managing Contacts with AWS CLI

View and List Contacts with AWS CLI

Reserve a Contact with AWS CLI

Describe a Contact with AWS CLI

Cancel a Contact with AWS CLI

Data Delivery to Amazon EC2

Step 1: Create EC2 SSH Key Pair

Step 2: Set Up Your VPC

Step 3: Choose and Customize an AWS CloudFormation Template

Conﬁguring your Amazon EC2 Instance Settings

Manually Creating and Conﬁguring Resources

Choose a Template

Accessing Templates

AquaSnppJpss Template

AquaSnppJpssTerraDigIF Template