AWS Installation Steps
Register for a Sysdig Account
The first step is to create a Sysdig account if you don’t have one already. To do so, visit the following link and register for a trial account.
Request Sysdig Platform, which includes Monitor + Secure, or just Sysdig Secure if you are not interested in monitoring.
Once you have access to your Sysdig Secure dashboard, continue to the next step.
Deploy the CloudFormation template
You can deploy Sysdig Secure for cloud using AWS CloudFormation. Log in to the AWS Console and visit this link to the CloudFormation template:
Make sure that:
- You switch to your desired AWS region for deployment of the associated resources.
- The AWS user you use for the installation has enough permissions to deploy the associated resources.
Check this configuration file for the full list of permissions required.
To enter the values for the Sysdig Secure endpoint and API Token, you can visit the “Get started” section on your Sysdig Secure dashboard, and open the first section “Connect your Cloud Account”, or follow the steps in the following animation.
Mandatory parameters are:
- Sysdig Secure Endpoint: Change default value if not in Sysdig US East region. Remember to include https:// at the beginning, and no trailing slash at the end.
- Sysdig Secure API Token: Paste your Sysdig Secure API token
- ✅ I acknowledge that AWS CloudFormation might create IAM resources with custom names.
- ✅ I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND
The Sysdig Secure Endpoint depends on your Sysdig account region:
- US East: https://secure.sysdig.com
- US West: https://us2.app.sysdig.com
- European Union: https://eu1.app.sysdig.com
These Sysdig regions are unrelated to your AWS region, and are only a way to segment Sysdig users to give them a better experience when accessing the dashboard.
You can find your Secure API Token and Agent Key in the settings section of your Sysdig dashboard inside your profile icon, as shown in the previous animation.
The last two checks are required to create the IAM roles for the new resources, and to execute sub-templates that this template incorporates for the different features of Sysdig Secure for cloud.
Click the Create stack button to continue.
Wait until the installation finishes
You will first see the stack “Sysdig-CloudVision” in “CREATE_IN_PROGRESS” state. It will also start to create 7 sub-stacks associated with the main one. When you refresh the status of the template and it shows “CREATE_COMPLETE” for all of them, the installation is finished.
Amazon starts sending runtime events approximately 10 minutes after you first create a CloudTrail trail. Although there is an initial delay before these events come through, no event is lost.
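The same completion check can be scripted instead of refreshing the console. The following is an added example, not part of Sysdig's documentation or tooling: it classifies the JSON printed by `aws cloudformation describe-stacks`, using the root stack name and sub-stack count given above. The sub-stack names, account ID and ARNs in the sample data are constructed.

```python
import json
import sys

ROOT_STACK_NAME = "Sysdig-CloudVision"  # root stack name given on this page
EXPECTED_SUBSTACKS = 7                  # sub-stack count given on this page

def install_state(described):
    """Classify parsed `aws cloudformation describe-stacks` output.

    Returns (state, details): state is "complete", "in_progress" or "failed";
    details maps every stack that is not CREATE_COMPLETE to its status.
    """
    stacks = described.get("Stacks", [])
    root = next((s for s in stacks if s["StackName"] == ROOT_STACK_NAME
                 and "ParentId" not in s), None)
    if root is None:
        return "failed", {ROOT_STACK_NAME: "NOT_FOUND"}
    # Nested stacks point at the top-level stack through RootId.
    nested = [s for s in stacks if s.get("RootId") == root["StackId"]]
    details = {s["StackName"]: s["StackStatus"] for s in [root, *nested]
               if s["StackStatus"] != "CREATE_COMPLETE"}
    if any(st.endswith("FAILED") or "ROLLBACK" in st or st.startswith("DELETE")
           for st in details.values()):
        return "failed", details
    if details or len(nested) < EXPECTED_SUBSTACKS:
        details["sub-stacks seen"] = f"{len(nested)}/{EXPECTED_SUBSTACKS}"
        return "in_progress", details
    return "complete", {}

def sample_output(sub_statuses, root_status="CREATE_IN_PROGRESS"):
    """Constructed describe-stacks output; ARNs and sub-stack names are made up."""
    arn = "arn:aws:cloudformation:us-east-1:111122223333:stack/%s/constructed"
    root_id = arn % ROOT_STACK_NAME
    stacks = [{"StackName": ROOT_STACK_NAME, "StackId": root_id,
               "StackStatus": root_status}]
    for i, status in enumerate(sub_statuses, 1):
        name = f"{ROOT_STACK_NAME}-ConstructedSub{i}"
        stacks.append({"StackName": name, "StackId": arn % name,
                       "ParentId": root_id, "RootId": root_id,
                       "StackStatus": status})
    return {"Stacks": stacks}

if __name__ == "__main__":
    # Real use: aws cloudformation describe-stacks --output json | python3 this_file.py -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else sample_output(
        ["CREATE_COMPLETE"] * 5 + ["CREATE_IN_PROGRESS"] * 2)
    state, details = install_state(data)
    print(state, json.dumps(details, indent=2))
    sys.exit(0 if state == "complete" else 1)
```

A "failed" result lists the stacks that rolled back or failed, which is where to start reading the stack events.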
Continue to next sections
Ready to learn more about all of the security capabilities?
➡ Visit the Threat Detection based on CloudTrail section.
➡ Visit the Cloud Security Posture Management and Compliance section.
➡ Visit the ECR Image Registry Scanning section.
➡ Visit the Fargate Image Scanning section.
Want to learn about policies and test detecting an event?
Do you want more information about architecture and resources deployed?
If you have any problems with the installation or want to validate it, visit the Installation Validation section.
If you want to uninstall Sysdig Cloud Platform, visit the Uninstallation section.
Please visit any of the following sections for more information:
- Sysdig Secure for cloud
- Amazon Web Services