AWS Installation Steps

Register for a Sysdig Account

The first step you have to follow is create a Sysdig Account if you don’t have one already. In that case visit the following link, and register for a trial account.

Sysdig Trial account

Request Sysdig Platform that includes Monitor + Secure, or just Sysdig Secure if you are not interested also in monitoring.

Once you have access to your Sysdig Secure dashboard, continue to the next step.

Deploy the CloudFormation template

You can deploy Sysdig Secure for cloud using AWS CloudFormation. Log into AWS Console and visit this link to the CloudFormation template:

Sysdig Secure for cloud CloudFormation template

Make sure that:

To enter the values for the Sysdig Secure endpint and API Token, you can visit the “Get started” section on your Sysdig Secure dashboard, and open the first section “Connect your Cloud Account”, or follow the steps in the following animation.

CloudFormation stack installation

Mandatory parameters are:

The Sysdig Secure Endpoint depends on your Sysdig account region:

These Sysdig regions are unrelated with your AWS region, and are only a way to segment Sysdig users to give them a better experience when accessing the dashboard.

You can find your Secure API Token and Agent Key in the settings section of your Sysdig dashboard inside your profile icon, as shown in the previous animation.

The last two checks are required to create the IAM roles for the new resources, and to execute sub-templates that this template incorporates for the different features of Sysdig Secure for cloud.

Click on Create stack button to continue.

Wait until the installation finishes

You will first see the stack “Sysdig-CloudVision” in “CREATE_IN_PROGRESS” state. It will also start to create 7 sub-stacks associated with the main one. When you refresh the status of the template and it shows “CREATE_COMPLETE” for all of them, the installation is finished.

Amazon starts sending runtime events approximately 10 minutes after you first create a CloudTrail trail. However, although there is an initial delay on seeing these come through, no event is lost.

Create complete

Continue to next sections

Ready to learn more about all of the security capabilities?

Visit the Threat Detection based on CloudTrail section.
Visit the Cloud Security Posture Management and Compliance section.
Visit the ECR Image Registry Scanning section.
Visit the Fargate Image Scanning section.

Want to learn about policies and test detecting an event?

Visit the Using policies and triggering events section.

Do you want more information about architecture and resources deployed?

Visit the Architecture section.

If you are having any problem with the installation or want to validate it: visit the Installation Validation section.

If you want to uninstall Sysdig Cloud Platform: visit the Uninstallation section.

Please visit any of the following sections for more information: