Product
Use cases
PricingCase StudiesBlog
Resources
About USContactRequest a demo

Deploying DataMasque with Amazon EC2 Image Builder: A Step-by-Step Guide

May 21, 2025

DataMasque is a powerful data masking solution that helps organizations protect sensitive data in non-production environments. To simplify its deployment on AWS, EC2 Image Builder can be used to automate the creation of a  Golden AMI - a reusable, secure base image - bundled with the DataMasque application.

What is EC2 Image Builder? 

EC2 Image Builder is an AWS service that automates the creation, maintenance, validation, and testing of EC2 AMIs. It simplifies image management by allowing you to define components, workflows, and schedules for building secure, up-to-date EC2 AMIs.

Why Use EC2 Image Builder for DataMasque?

By integrating DataMasque with EC2 Image Builder, you can:

  • Automate the deployment of DataMasque onto EC2 instances.
  • Maintain consistency and reproducibility across all environments.
  • Improve security through version-controlled, hardened AMIs.
  • Reduce setup time for new EC2 instances running DataMasque.

Prerequisites

Before starting, ensure you have:

  • An AWS account with appropriate permissions to create/manage EC2 and Image builder resource.
  • Access to DataMasque on AWS Marketplace.
  • Familiarity with EC2 Image Builder concepts.
  • AWS Console access to configure pipelines.

Step-by-Step Guide to Build the Golden AMI with DataMasque

Follow these steps to create a DataMasque-enabled AMI using EC2 Image Builder:

Subscribe to DataMasque EC2 Image Builder Component

  • Click here to view and subscribe to DataMasque’s AWS Image Builder product. You’ll be prompted to log in with your AWS credentials and accept the terms of use to proceed.  
DataMasque EC2 Image Builder Component on AWS Marketplace
  • Click on View purchase options and then click Subscribe to accept the terms.
  • Once subscribed, click Launch your software. Under “Configure this software” form, select the latest Fulfillment option for DataMasque EC2 Image Builder Component. In below example screenshot, latest available DataMasaue IB component available is v2.24.0. Select the region you wish to launch the IB console.
  • Under “Configure this software” form, select the latest Fulfillment option for DataMasque EC2 Image Builder Component. In below example screenshot, latest available DataMasaue IB component available is v2.24.0. Select the region you wish to launch the IB console.

Create an Image Pipeline

  • Open the EC2 Image Builder console.
  • In the left-hand menu, click on Image pipelines.
  • Click Create image pipeline.
  • Provide a descriptive Name and Description for your pipeline.

Build Schedule

  • Choose how often the pipeline should run:
    • Manual: Run the pipeline on-demand.
    • Schedule builder: Use AWS's built-in scheduler.
    • Cron expression: Use cron syntax for custom schedules.
    For this tutorial, we select Manual for on-demand builds.

Configure the Image Recipe

  • Under the Choose recipe section, click Create new recipe
  • Set the Output type to AMI.
  • Provide a Name, Version, and optional Description for the image recipe.

  • Set a Base Image (Amazon Linux 2, Ubuntu, or Red Hat) with `x86-64` architecture.

Add Component

  • In the Components section, select AWS Marketplace components.
  • Search for DataMasque.
  • Select the checkbox next to the latest DataMasque version (e.g., `v2.24.0`) and click Add to recipe.

Set Storage and Infrastructure Settings

Configure Storage

  • Navigate to Storage (Volumes).
  • Under Default EBS volumes, choose:
    • Volume type: `gp3`
    • Size: Minimum 40 GB
    • Optionally, select a KMS key to encrypt the storage.

Define Workflows

Choose Default workflows for image creation process.

Infrastructure Configuration

In the Define infrastructure configuration section, choose Create infrastructure configuration using service defaults.

Note: For production environments, it is recommended to use Create a new infrastructure configuration and specify your own VPC to ensure greater control over networking, security, and compliance while creating the AMI.

Distribution Settings

Select ‘Create distribution settings using service defaults’.

Review and Create

  1. Review all pipeline configurations.
  2. Click ‘Create pipeline’ to finalize the setup.

Run the Pipeline

After pipeline creation:

  • Go back to the ‘Image pipelines’ menu in left pane in AWS console.
  • From the Actions dropdown for your pipeline, select ‘Run pipeline’.

Verify the Output AMI

Once the pipeline finishes running:

  • Wait for the Status to change from `building` to `completed`.
  • Navigate to EC2 Console > AMIs.
  • Locate your new AMI. It will have a name matching your Image output settings.

You can now launch EC2 instances using this AMI with DataMasque pre-installed.

Summary

By using EC2 Image Builder and the DataMasque component from AWS Marketplace, you can automate the deployment of secure, repeatable environments. This setup not only improves efficiency but also enforces consistency across your staging or test environments.

Ready to try DataMasque?

Request a demo to see how it works or start a free 30-day trial. 
Request a demo